Commit Graph

6667 Commits

Author SHA1 Message Date
Philip Withnall
1538a89b11 Merge branch 'close_subprocess_parent_fds_on_dispose' into 'master'
GSubprocessLauncher: Move cleanup to dispose()

See merge request GNOME/glib!1670
2020-10-06 11:41:35 +00:00
Philip Withnall
74756a87fa glocalfileinfo: Fix use of fstatat() on macOS < 10.10
`g_local_file_fstatat()` needs to fall back to returning an error if
`fstatat()` isn’t defined, which is the case on older versions of macOS
(as well as Windows, which was already handled). Callers shouldn’t call
`g_local_file_fstatat()` in these cases. (That’s already the case.)

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #2203
2020-10-06 10:26:38 +01:00
Maxim Mikityanskiy
094eca7076 gio: Expose g_file_build_attribute_list_for_copy
Expose a function that prepares an attribute query string to be passed
to g_file_query_info() to get a list of attributes normally copied with
the file. This function is used by the implementation of
g_file_copy_attributes, and it's useful if one needs to split
g_file_copy_attributes into two stages, for example, when nautilus does
a recursive move of a directory. When files are moved from the source
directory, its modification time changes. To preserve the mtime on the
destination directory, it has to be queried before moving files and set
after doing it, hence these two stages.

Signed-off-by: Maxim Mikityanskiy <maxtram95@gmail.com>
2020-10-06 10:16:49 +01:00
Sergio Costas
605cff61da GSubprocessLauncher: Move cleanup to dispose()
The GSubprocessLauncher class lacks a dispose() method, and frees
all their resources in the finalize() method.

This is a problem with Javascript because the sockets passed to a
child process using g_subprocess_launcher_take_fd() aren't closed
in the parent space until the object is fully freed. This means
that if the child closes a socket, it won't be detected until the
GSubprocessLauncher object has been freed by the garbage
collector.

Just closing the socket externally is not a valid solution,
because the finalize() method will close it again, and since
another file/pipe/socket could have been opened in the meantime
and use the same FD number, the finalize() method would close
an incorrect FD.

An example is launching a child process that uses its own
socket for Wayland: the parent creates two sockets with
socketpair(), passes one to the Wayland API (wl_client_create()),
and the other is passed to the child process using
g_subprocess_launcher_take_fd(). But now there are two instances
of that second socket: one in the parent, and another one in the
child process. That means that, if the child closes its socket (or
dies), the Wayland server will not detect that until the
GSubprocessLauncher object is fully destroyed. That means that a
GSubprocessLauncher created in Javascript will last for several
seconds after the child dies, and every window or graphical element
will remain in the screen until the Garbage Collector destroys the
GSubprocessLauncher object.

This patch fixes this by moving the resource free code into a
dispose() method, which can be called from Javascript. This allows
to ensure that any socket passed to the child with
g_subprocess_launcher_take_fd() can be closed even from Javascript
just by calling the method run_dispose().

Fix https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1670
2020-10-02 22:55:07 +02:00
Philip Withnall
37d04c2f6b Merge branch 'appinfo-shellany' into 'master'
GWin32AppInfo: Support verbs other than "open"

See merge request GNOME/glib!1502
2020-10-01 16:37:36 +00:00
Руслан Ижбулатов
106e78af97 GWin32AppInfo: Support verbs other than "open"
This combines a massive code re-folding with functionlity expansion
that allows us to track multiple verbs per handler or per application.

Also fixes a few issues and removes a function that made no sense.
2020-10-01 17:18:03 +01:00
Руслан Ижбулатов
b01521b4cd gwin32registrykey: Fix returning subkey_name in subkey_iter_get_name() 2020-10-01 17:18:03 +01:00
Patrick Griffis
f9fc29f0b7 gtlscertificate: Add support for PKCS #11 backed certificates
This reverts commit d58e5de9e9.
2020-10-01 17:09:04 +01:00
Simon McVittie
38a2aed5f0 GDBus: Use G_DBUS_METHOD_INVOCATION_HANDLED in method implementations
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-01 16:32:50 +01:00
Simon McVittie
d65c8c30a9 GDBus: Add G_DBUS_METHOD_INVOCATION_HANDLED, _UNHANDLED
Like G_SOURCE_REMOVE and G_SOURCE_CONTINUE, these make it clearer what
it means to return TRUE or FALSE.

In particular, in GDBus methods that fail, the failure case still needs
to return TRUE (unlike the typical GError pattern), leading to comments
like this:

    g_dbus_method_invocation_return_error (invocation, ...);
    return TRUE;    /* handled */

which can now be replaced by:

    g_dbus_method_invocation_return_error (invocation, ...);
    return G_DUS_METHOD_INVOCATION_HANDLED;

G_DBUS_METHOD_INVOCATION_UNHANDLED is added for symmetry, but is very
rarely (perhaps never?) useful in practice.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-01 16:32:50 +01:00
Simon McVittie
500d065f3d GDBus tests: Use G_SOURCE_REMOVE, G_SOURCE_CONTINUE
The meaning of the boolean result of a GSource function is clearer if
we use these aliases.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-01 16:32:50 +01:00
Philip Withnall
854abcd1af Merge branch 'optdeps' into 'master'
Make libelf dependency optional via meson feature

See merge request GNOME/glib!1650
2020-10-01 13:47:36 +00:00
Niklas Gürtler
aa0e120174 Make libelf dependency optional via meson feature 2020-10-01 13:47:36 +00:00
Philip Withnall
b43fb9cbfb guri: Fix URI scope parsing
The previous parsing code could read off the end of a URI if it had an
incorrect %-escaped character in.

Fix that, and more closely implement parsing for the syntax defined in
RFC 6874, which is the amendment to RFC 3986 which specifies zone ID
syntax.

This requires reworking some network-address tests, which were
previously treating zone IDs incorrectly.

oss-fuzz#23816

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-09-30 19:39:30 +01:00
Peter Bloomfield
a3b5e188aa gthreadedresolver: Fix logic in parse_res_text()
and avoid a sign-compare warning.

Fixes #2209
2020-09-26 11:11:44 -04:00
Philip Withnall
f2df054673 Merge branch 'wip/oholy/trash-recursion' into 'master'
gio-tool-trash: Prevent recursion to speed up emptying trash

See merge request GNOME/glib!1654
2020-09-24 05:59:43 +00:00
Ondrej Holy
f474ec1f72 gio-tool-trash: Prevent recursion to speed up emptying trash
Emptying trash over `gio trash` is a bit slow in comparison to plain
`rm -r`. On my system, it took about 3 min to empty the trash with a
folder containing 600 000 files, which is not ideal as `rm -r` call
took just a few seconds. I found that `g_file_delete` is implemented
differently for locations provided by the trash backend. The trash
backend prevents modifications of trashed content thus the delete
operation is allowed only for the top-level files and folders. So it
is not necessary to recursive delete all files as the permission
denied error is returned anyway. Let's call `g_file_delete` only for
top-level items, which reduces the time necessary for emptying trash
from minutes to seconds...

See: https://gitlab.gnome.org/GNOME/nautilus/-/issues/1589
2020-09-23 15:35:47 +02:00
Philip Withnall
af0b0e98da Merge branch 'trash-portal-error' into 'master'
trash portal: Handle portal failures

See merge request GNOME/glib!1652
2020-09-23 09:36:32 +00:00
Ryan Gonzalez
88032cb541 trash portal: Handle portal failures
Previously, only whether or not the D-Bus call itself succeeded was
checked, regardless of the result code from the actual trash operation.
2020-09-15 18:06:56 -05:00
Simon McVittie
642baa50fa glocalfile: Never require G_LOCAL_FILE_STAT_FIELD_ATIME
Some filesystems don't have meaningful access times under at least some
circumstances (see #2189, #2205). In this situation the traditional stat()
and related kernel interfaces have to put something meaningless in the
st_atime field, and have no way to signal that it is meaningless.

However, statx() does have a way to signal that the atime is meaningless:
if the filesystem doesn't provide a useful access time, it will unset
the STATX_ATIME bit (as well as filling in the same meaningless value
for the stx_atime field that stat() would have used, for compatibility).
We don't actually *need* the atime, so never include it in the required
mask. This was already done for one code path in commit 6fc143bb
"gio: Allow no atime from statx" to fix #2189, but other callers were
left unchanged in that commit, and receive the same change here.

It is not actually guaranteed that *any* of the flags in the
returned stx_mask will be set (the only guarantee is that items in
STATX_BASIC_STATS have at least a harmless compatibility value, even if
their corresponding flag is cleared), so it might be better to follow
this up by removing the concept of the required mask entirely. However,
as of Linux 5.8 it looks as though STATX_ATIME is the only flag in
STATX_BASIC_STATS that might be cleared in practice, so this simpler
change fixes the immediate regression.

Resolves: https://gitlab.gnome.org/GNOME/glib/-/issues/2205
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-09-15 10:09:46 +01:00
Philip Withnall
c3eda78ada Merge branch '2194-winhttp-file-display-name' into 'master'
gwinhttpfile: Set display-name attribute on file info

Closes #2194

See merge request GNOME/glib!1644
2020-09-11 09:49:04 +00:00
Philip Withnall
6f9b379c08 gwinhttpfile: Set display-name attribute on file info
It is not allowed to be `NULL` or unset if requested by the file
attribute matcher. Derive it from the basename. This doesn’t handle the
situation of a failed UTF-16 to UTF-8 conversion very well, but will at
least return something.

Note that the `g_filename_display_basename()` function can’t be used as
`GWinHttpFile` provides its URI in UTF-16 rather than in the file system
encoding.

This fixes a crash when using GIMP on Windows. Thanks to lillolollo for
in-depth debugging assistance.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes: #2194
2020-09-10 14:14:32 +01:00
Simon McVittie
92183fb703 gdbusauthmechanismsha1: Use the same timeouts as libdbus
For interoperability with libdbus, we want to use compatible timeouts.
In particular, this fixes a spurious failure of the `gdbus-server-auth`
test caused by libdbus and gdbus choosing to expire the key (cookie) at
different times, as diagnosed by Thiago Macieira. Previously, the libdbus
client would decline to use keys older than 7 minutes, but the GDBus
server would not generate a new key until the old key was 10 minutes old.

For completeness, also adjust the other arbitrary timeouts in the
DBUS_COOKIE_SHA1 mechanism to be the same as in libdbus. To make it
easier to align with libdbus, create internal macros with the same names
and values used in dbus-keyring.c.

* maximum time a key can be in the future due to clock skew between
  systems sharing a home directory
  - spec says "a reasonable time in the future"
  - was 1 day
  - now 5 minutes
  - MAX_TIME_TRAVEL_SECONDS

* time to generate a new key if the newest is older
  - spec says "If no recent keys remain, the server may generate a new
    key", but that isn't practical, because in reality we need a grace
    period during which an old key will not be used for new authentication
    attempts but old authentication attempts can continue (in practice both
    libdbus and GDBus implemented this logic)
  - was 10 minutes
  - now 5 minutes
  - NEW_KEY_TIMEOUT_SECONDS

* time to discard old keys
  - spec says "the timeout can be fairly short"
  - was 15 minutes
  - now 7 minutes
  - EXPIRE_KEYS_TIMEOUT_SECONDS

* time allowed for a client using an old key to authenticate, before
  that key gets deleted
  - was at least 5 minutes
  - now at least 2 minutes
  - at least (EXPIRE_KEYS_TIMEOUT_SECONDS - NEW_KEY_TIMEOUT_SECONDS)

Based on a merge request by Philip Withnall.

Fixes: #2164
Thanks: Philip Withnall
Thanks: Thiago Macieira
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-09-07 11:29:06 +01:00
Philip Withnall
30a31b21fb gcancellable: Mark a variable as unused if built with G_DISABLE_ASSERT
It’s only used in an assertion. This fixes a compiler warning.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-09-01 12:23:19 +01:00
Carlos Garnacho
cf85241aba tests: Add splice cancellation test
This doesn't trigger the cancellation assertion issue when run locally
(the task didn't return yet, so the error is simply overwritten), but
perhaps it ever does in CI. Anyhow, it's good to have a cancellation
test.
2020-08-28 11:38:51 +02:00
Carlos Garnacho
c033450f93 goutputstream: Check individual close operations after splice
After a splice operation is finished, it attempts to 1) close input/output
streams, as per the given flags, and 2) return the operation result (maybe
an error, too).

However, if the operation gets cancelled early and the streams indirectly
closed, the splice operation will try to close both descriptors and return
on the task when both are already closed. The catch here is that getting the
streams closed under its feet is possible, so the completion callback would
find both streams closed after returning on the first close operation and
return the error, but then the second operation could be able to trigger
a second error which would be returned as well.

What happens here is up to further race conditions, if the task didn't
return yet, the returned error will be simply replaced (but the old one not
freed...), if it did already return, it'll result in:

GLib-GIO-FATAL-CRITICAL: g_task_return_error: assertion '!task->ever_returned' failed

Fix this by flagging the close_async() callbacks, and checking that both
close operations did return, instead of checking that both streams are
closed by who knows.

This error triggers a semi-frequent CI failure in tracker, see the summary at
https://gitlab.gnome.org/GNOME/tracker/-/issues/240
2020-08-28 11:22:14 +02:00
Philip Withnall
9674d14175 Merge branch 'g_settings_new' into 'master'
gio: Document g_settings_new() missing schema behaviour

See merge request GNOME/glib!1626
2020-08-24 09:02:43 +00:00
Chris Mayo
dc1a1b841c gio: Document g_settings_new() missing schema behaviour
Explain what happens, the rationale and reference another
function that may be helpful.
2020-08-24 09:02:43 +00:00
Valentin David
6fc143bba8
gio: Allow no atime from statx
statx does not provide stx_atime when querying a file in a read-only
mounted file system. So call to statx should not expect it to be in
the mask. Otherwise we would fail with ERANGE for querying any file in
a read-only file system.

Fixes #2189.
2020-08-23 16:41:17 +02:00
Sebastian Dröge
24af98e0ee Merge branch 'cancellable-pollfd' into 'master'
gcancellable: Assert that make_pollfd() call succeeds

See merge request GNOME/glib!1623
2020-08-18 10:35:16 +00:00
Sebastian Dröge
009791b614 Merge branch 'dbus-uint-checks' into 'master'
gdbusmessage: Drop redundant uint ≥ 0 checks

See merge request GNOME/glib!1625
2020-08-18 10:25:18 +00:00
Sebastian Dröge
5271b67e37 Merge branch 'dbus-address-null-check' into 'master'
gdbusaddress: Drop an unnecessary NULL check

See merge request GNOME/glib!1624
2020-08-18 10:13:04 +00:00
Philip Withnall
a110ca920a gcancellable: Assert that make_pollfd() call succeeds
The `make_pollfd()` call can’t fail because it only does so if
`cancellable == NULL`, and we’ve already checked that. Assert that’s the
case, to shut Coverity up and to catch behavioural changes in future.

Coverity CID: #1159433
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-08-18 11:08:51 +01:00
Nirbheek Chauhan
0b0b9bfda0 Merge branch 'windows-netreset' into 'master'
gioerror: Map WSAENETRESET on Windows to G_IO_ERROR_CONNECTION_CLOSED

See merge request GNOME/glib!1616
2020-08-18 09:46:36 +00:00
Philip Withnall
7afd4071d6 gdbusmessage: Drop redundant uint ≥ 0 checks
They are always true.

Coverity CID: #1430645, #1430674, #1430884, #1430974
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-08-18 10:39:46 +01:00
Philip Withnall
9664ff15ac gdbusaddress: Drop an unnecessary NULL check
`g_strsplit()` never returns `NULL`, although it can return an empty
strv (i.e. with its first element being `NULL`).

Drop a redundant `NULL` check.

Coverity CID: #1430976
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-08-18 10:36:26 +01:00
Sebastian Dröge
fb6da5677b Merge branch 'wip/pwithnall/coverity' into 'master'
CI support for Coverity Scan

See merge request GNOME/glib!1593
2020-08-17 11:57:24 +00:00
Philip Withnall
a396fa9027 Merge branch 'statx' into 'master'
Add support for Linux statx stx_btime

Closes #1970

See merge request GNOME/glib!1310
2020-08-17 11:49:05 +00:00
Andre Miranda
18aaf33cf1 glocalfileinfo: Support STX_BTIME for G_FILE_ATTRIBUTE_TIME_CREATED
If `statx()` is supported, query it for the file creation time and use
that if returned.

Incorporating some minor code rearrangement by Philip Withnall
<withnall@endlessm.com>.

Fixes: #1970
2020-08-17 12:33:05 +01:00
Andre Miranda
60eefd4de9 glocalfileinfo: Add statx() support
This currently just implements the same functionality as the existing
`stat()`/`fstat()`/`fstatat()`/`lstat()` calls, although where a reduced
field set is requested it may return faster.

Helps: #1970
2020-08-17 12:33:05 +01:00
Alexander Larsson
4cf95e3904 Ensure g_subprocess_communicate_async() never blocks
It turns out that our async write operation implementation is broken
on non-O_NONBLOCK pipes, because the default async write
implementation calls write() after poll() said there were some
space. However, the semantics of pipes is that unless O_NONBLOCK is set
then the write *will* block if the passed in write count is larger than
the available space.

This caused a deadlock in https://gitlab.gnome.org/GNOME/glib/-/issues/2182
due to the loop-back of the app stdout to the parent, but even without such
a deadlock it is a problem that we may block the mainloop at all.

In the particular case of g_subprocess_communicate() we have full
control of the pipes after starting the app, so it is safe to enable
O_NONBLOCK (i.e. we can ensure all the code using the fd after this can handle
non-blocking mode).

This fixes https://gitlab.gnome.org/GNOME/glib/-/issues/2182
2020-08-17 12:57:24 +02:00
Sebastian Dröge
a8acbba46a gioerror: Map WSAENETRESET on Windows to G_IO_ERROR_CONNECTION_CLOSED
This has almost the same semantics as WSAECONNRESET and for all
practical purposes is handled the same. The main difference is about
*who* reset the connection: the peer or something in the network.

For UDP sockets this happens when receiving packets and previously sent
packets returned an ICMP "Time(-to-live) expired" message. This is
similar to WSAECONNRESET, which on UDP sockets happens when receiving
packets and previously sent packets returned an ICMP "Port Unreachable"
message.
2020-08-17 13:14:46 +03:00
Andre Miranda
622806d5cf glocalfileinfo: Add support for optional/required fields in stat bufs
This is a step towards supporting `statx()`, which allows the set of
fields it returns to be specified by the caller. Currently, the existing
`stat()` and `fstat()` calls continue to be made, and there are no
behavioural changes — but the new wrapper functions will be extended in
future.

Helps: #1970
2020-08-14 17:30:11 +01:00
Andre Miranda
8edbfe8bb0 glocalfileinfo: Use accessors to access struct stat members
This will allow the actual struct in use to be changed in future without
code changes everywhere.

Helps: #1970
2020-08-14 17:30:11 +01:00
James Westman
2ec4e05733 docs: glib-compile-resources: json-stripblanks
Document the `json-stripblanks` preprocessing option for .gresource.xml files.
2020-08-13 08:07:51 +00:00
Sebastian Dröge
e4f4a40fb4 Merge branch 'file-delete-docs' into 'master'
gfile: Document TOCTTOU avoidance using g_file_delete()

See merge request GNOME/glib!1613
2020-08-12 10:00:12 +00:00
Philip Withnall
373c54a52c gfile: Document TOCTTOU avoidance using g_file_delete()
Don’t call `g_file_query_exists()` followed by `g_file_delete()`. Just
call `g_file_delete()` and check the error.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-08-12 10:48:28 +01:00
Phil Clayton
4a848a0aca gio: add missing (out) annotations to g_socket_receive*
This makes the introspection interface to g_socket_receive* consistent
with the interface to g_input_stream_read*.

Closes #2176
2020-08-11 18:34:16 +01:00
Philip Withnall
b654eb1846 guri: Make G_URI_FLAGS_PARSE_STRICT the default
Make `G_URI_FLAGS_PARSE_RELAXED` available instead, for the
implementations which need to handle user-provided or incorrect URIs.
The default should nudge people towards being compliant with RFC 3986.

This required also adding a new `G_URI_PARAMS_PARSE_RELAXED` flag, as
previously parsing param strings *always* used relaxed mode and there
was no way to control it. Now it defaults to using strict mode, and the
new flag allows for relaxed mode to be enabled if needed.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes: #2149
2020-08-07 14:02:18 +01:00
Philip Withnall
df8dc7fc38 Merge branch 'guri-gio' into 'master'
Replace _g_uri_parse_authority() with GUri

Closes #2156

See merge request GNOME/glib!1567
2020-08-05 16:06:02 +00:00
Philip Withnall
931496b93a Merge branch 'replace-destination' into 'master'
GFile: Document that G_FILE_CREATE_REPLACE_DESTINATION can only be used with...

See merge request GNOME/glib!1594
2020-08-05 15:39:34 +00:00
Ondrej Holy
4602a5ee17 gfile: Add support for x-gvfs-notrash option to ignore mounts
Add support for x-gvfs-notrash mount option, which allows to disable
trash functionality for certain mounts. This might be especially useful
e.g. to prevent trash folder creation on enterprise shares, which are
also accessed from Windows...

https://bugzilla.redhat.com/show_bug.cgi?id=1096200
2020-08-05 13:07:04 +01:00
Ondrej Holy
0d6b17584a gunixmounts: Add g_unix_mount_point_at
There is already g_unix_mount_at function which allows to find certain
unix mount for given mount path. It would be useful to have similar
function for mount points, which will allow to replace custom codes in
gvfs. Let's add g_unix_mount_point_at.
2020-08-05 13:07:04 +01:00
Matthias Clasen
96d39f86b5 Revert "Merge branch 'appinfo-properties' into 'master'"
This reverts merge request !1582
2020-08-02 21:02:03 +00:00
Matthias Clasen
8f960c79e9 Merge branch 'appinfo-properties' into 'master'
appinfo: Add properties

See merge request GNOME/glib!1582
2020-07-29 01:20:50 +00:00
Matthias Clasen
9193fd529f Add a missing include 2020-07-28 17:29:47 -04:00
Marc-André Lureau
dd0fae1303 gio: remove _g_uri_parse_authority()
It is now unused and redundant with GUri.

Fixes: #2156

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-07-28 16:35:13 +04:00
Marc-André Lureau
aa0b09ebef gio: use g_uri_split_network() in g_simple_proxy_resolver_lookup()
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-07-28 16:35:05 +04:00
Marc-André Lureau
1b6a0535e8 gio: use g_uri_split_with_user() in save_userinfo()
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-07-28 16:32:50 +04:00
Marc-André Lureau
6f419e7e2f gio: use g_uri_split_network() in g_network_address_parse_uri()
_g_uri_parse_authority() can be replaced with g_uri_split_network() &
PARSE_STRICT. Keep the original error code, for compatibility reasons.

Notice that GUri uses gint for the port, and value -1 if the port value
is missing. However, GNetworkAddress::port is a guint.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-07-28 16:31:11 +04:00
Marc-André Lureau
a173a6f617 gio: use g_uri_is_valid()
_g_uri_parse_authority() without argument is actually checking that the
URI is valid, by checking it parses successfully

We keep the existing error domain / code for compatibility reasons,
instead of raising the underlying G_URI_ERROR.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-07-28 16:15:50 +04:00
Marc-André Lureau
034a4dcdc0 gio: replace _g_uri_from_authority() with g_uri_join()
_g_uri_from_authority() is doing the same work as g_uri_join(): taking
URI components and merging them in a legit URI string, with encoding.

It turns out g_uri_from_authority was unnecessarily complex, since no
caller used the userinfo field.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
2020-07-28 16:12:37 +04:00
Matthias Clasen
df7f35e81a Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:49:05 +00:00
Matthias Clasen
b5fc5d6423 Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:48:50 +00:00
Matthias Clasen
c10a0a390a Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:48:41 +00:00
Matthias Clasen
65263ced54 Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:48:36 +00:00
Matthias Clasen
2301d75a94 Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:48:31 +00:00
Matthias Clasen
c213000e25 Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:48:26 +00:00
Matthias Clasen
d9757ab033 Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:48:21 +00:00
Matthias Clasen
921e2ee6e3 Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:48:15 +00:00
Matthias Clasen
bad7efc0ea Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:48:11 +00:00
Matthias Clasen
98deeff312 Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:48:08 +00:00
Matthias Clasen
e09594f500 Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:48:04 +00:00
Matthias Clasen
10eb9744df Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:48:00 +00:00
Matthias Clasen
d09bd8e5fb Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:47:51 +00:00
Matthias Clasen
75000b036d Apply 1 suggestion(s) to 1 file(s) 2020-07-27 19:47:47 +00:00
Sebastian Dröge
63809867bd GFile: Document that G_FILE_CREATE_REPLACE_DESTINATION can only be used with g_file_replace() and variants
Passing it to e.g. g_file_create() for an already existing file will
still cause a "file exists" error.
2020-07-27 18:35:38 +03:00
Philip Withnall
648986a290 glib: Avoid redefining GLIB_DISABLE_DEPRECATION_WARNINGS
It may be defined by the environment (we document that as being allowed)
— if so, individual files should not try to redefine it, as that causes
a preprocessor warning.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-07-27 15:41:09 +01:00
Sebastian Dröge
5ba5f5b686 Merge branch '137-gfileinfo-display-name-docs' into 'master'
gfileinfo: Clarify docs to say that name and display-name are set

Closes #137

See merge request GNOME/glib!1585
2020-07-27 13:12:44 +00:00
Philip Withnall
b79747eee1 Merge branch 'remove-broken-xp-code' into 'master'
gio: Remove broken support for XP

See merge request GNOME/glib!1583
2020-07-27 02:07:43 +00:00
Philip Withnall
0544fdff5f gfileinfo: Clarify docs to say that name and display-name are set
They are always available, for all files.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes: #137
2020-07-27 00:45:31 +01:00
Philip Withnall
ea2db92034 glocalfileoutputstream: Use g_fsync() for platform-independence
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-07-26 21:38:17 +01:00
Philip Withnall
3b6460b94c glib: Use g_file_set_contents_full() throughout GLib and GIO
Where applicable. Where the current use of `g_file_set_contents()` seems
the most appropriate, leave that in place.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #1302
2020-07-26 21:37:46 +01:00
Nirbheek Chauhan
4e485d76ac gio: Remove broken support for XP
We now require Windows 7 or newer, and the networking code hasn't
worked in a long time since we directly use symbols from iphlapi.dll
now.
2020-07-26 21:30:05 +05:30
Philip Withnall
d5513ef72c Merge branch 'giomodule-cache' into 'master'
Fix giomodule.cache being wrongly considered stale

Closes #2127

See merge request GNOME/glib!1560
2020-07-25 23:10:25 +00:00
Matthias Clasen
7994219b26 Add more documentation
Add nullable annotations, Since tags and references to
relevant Desktop Entry spec keys.
2020-07-25 18:37:28 -04:00
Matthias Clasen
38b5781c4b Apply 1 suggestion(s) to 1 file(s) 2020-07-25 22:03:12 +00:00
Matthias Clasen
8d2f149f84 Apply 1 suggestion(s) to 1 file(s) 2020-07-25 22:02:27 +00:00
Matthias Clasen
28dafe3b64 Apply 1 suggestion(s) to 1 file(s) 2020-07-25 21:59:14 +00:00
Matthias Clasen
7a76fa5128 Apply 1 suggestion(s) to 1 file(s) 2020-07-25 21:59:07 +00:00
Matthias Clasen
6e707d2aa5 appinfo: Add properties
Give GAppInfo a bunch of readonly properties, and
support them in GDesktopAppInfo. This makes app infos
more convenient to work with in GTK4, and in general.
2020-07-25 17:42:26 -04:00
Philip Withnall
060fda09eb Merge branch 'task-set-name-version' into 'master'
gtask: Only override g_task_set_source_tag() for GLib ≥ 2.60

See merge request GNOME/glib!1576
2020-07-25 17:16:44 +00:00
Philip Withnall
50f8a9d32a Merge branch '422-xattr-binary-data' into 'master'
Fix support for binary xattrs

Closes #422

See merge request GNOME/glib!1568
2020-07-25 17:13:55 +00:00
Philip Withnall
b80b864fe3 tests: Add a test for getting/setting xattrs on a local file
Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #422
2020-07-24 23:43:01 +01:00
Philip Withnall
bd75c185a1 gtask: Only override g_task_set_source_tag() for GLib ≥ 2.60
g_task_set_name() was added in GLib 2.60, so only use it in the
overridden definition of g_task_set_source_tag() if the user has said
that they require GLib ≥ 2.60.

This is a follow up to commit b08bd04abe.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-07-15 17:08:47 +01:00
Will Thompson
4b3183435b portal: Read /.flatpak-info in thread-safe fashion
There is no guarantee that this function would not be called
concurrently. Particularly since flatpak_info_read was set to TRUE
before /.flatpak-info is actually read from disk, there is a potential
race where a second thread would return default values for the various
flags set from that file.

Fixes #2159
2020-07-13 16:26:44 +01:00
Sergio Gelato
63b329fb81 glocalfileinfo: Correct an off-by-one error when unescaping hex
Correct an off-by-one error in hex_unescape_string()'s computation of
the output string length.

(Turned into a git-format patch by Philip Withnall. Original patch
submitted on the Debian bug tracker, bug#962912.)
2020-07-08 12:47:21 +01:00
Sergio Gelato
8049535ffe glocalfileinfo: Handle arbitrary binary data in extended attribute values
It's safe to assume an escaped string doesn't contain embedded null bytes,
but raw memory buffers (as returned by getxattr()) require more care.

If the length of the data to be escaped is known, use that knowledge instead
of invoking strlen().

(Turned into a git-format patch by Philip Withnall. One minor formatting
tweak. Original patch submitted on the Debian bug tracker, bug#962912.)

Fixes: #422
2020-07-08 12:46:45 +01:00
Philip Withnall
b08bd04abe gtask: Improve task names used internally within GLib
And improve them externally, where not otherwise set, by setting them
from the function name passed to `g_task_set_source_tag()`, if called by
third party code.

This should make profiling and debug output from GLib more useful.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-07-07 11:17:10 +01:00
Philip Withnall
6f281ce2e5 gtask: Include task name in complete_in_idle_cb source name
`complete_in_idle_cb()` shows up in a lot of sysprof traces, so it’s
quite useful to include the most specific contextual information we can
in it.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-07-07 11:17:10 +01:00
Felix Riemann
88fe78137d gdesktopappinfo: Fix unnecessarily copied and leaked URI list
When an app is spawned using g_desktop_app_info_launch_uris_with_spawn
it will expand the various token in the app's commandline with the
URIs of the files to open. The expand_macro() function that is used for
this advances the pointer to the URI list to show up to which entries
it used.

To not loose the pointer to the list head a duplicate of the URI list
was actually passed to expand_macro(). However, it's not necessary to
create a copy of the URI list for that as expand_macro() will only
change which element the pointer will point to.

This behaviour actually caused the duplicated list to be leaked as the
the list pointer is NULL once all URIs are used up by expand_macro()
and thus nothing was freed at the end of the function.
2020-07-04 20:20:42 +02:00
Léo Stefanesco
497c511a98 Fix giomodule.cache being wrongly considered stale
In ostree based systems, such as flatpak and fedora silverblue, the
time of modification of every system file is epoch 0, including
giomodule.cache, which means that every module is loaded and unloaded
every time.

The solution is to use the change time of the file as well. In a typical
system, it is equal to the mtime, and in an ostree based system, since
the directory is mounted as read-only, the user cannot add a module and
we must assume that the cache file corresponds to the modules.
2020-07-03 15:16:33 +02:00
Philip Withnall
582ffcd6ea Merge branch 'cancellable-test-debugging' into 'master'
tests: Fix intermittent failure in GCancellableSource test

Closes #1764

See merge request GNOME/glib!1539
2020-06-25 13:02:18 +00:00
Ruslan Marchenko
44524b9daa Add g_(d)tls_connection_get_channel_binding_data calls and enums
* Add g_tls_connection_get_channel_binding_data API call
 * Add g_dtls_connection_get_channel_binding_data API call
 * Add get_binding_data method to GTlsConnection class
 * Add get_binding_data method to GDtlsConnection interface
 * Add GTlsChannelBindingType enum with tls-unique and
   tls-server-end-point types
 * Add GTlsChannelBindingError enum and G_TLS_CHANNEL_BINDING_ERROR
   quark
 * Add new API calls to documentation reference gio-sections-common
2020-06-25 12:40:34 +00:00
Philip Withnall
ee3216b31b tests: Iterate the GMainContext directly rather than using a GMainLoop
This speeds up the `cancellable` test a little by stopping waiting for
the threads to start up as soon as they have started, rather than after
an arbitrary timeout.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #1764
2020-06-25 13:12:51 +01:00
Philip Withnall
5e49d53cd5 tests: Use G_SOURCE_CONTINUE/G_SOURCE_REMOVE instead of booleans
This makes no functional difference, but clarifies the code a little.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-06-25 13:12:51 +01:00
Philip Withnall
a956b096af tests: Use atomics to access counter shared between threads
This should fix some sporadic test failures in this test, although I
can’t be sure as I was unable to reproduce the original failure.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Closes: #1764
2020-06-25 13:12:51 +01:00
Philip Withnall
5571aaa1c5 tests: Use g_test_message() rather than g_printerr() in cancellable test
This makes sure the message gets formatted correctly and sent to the
right log file.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-06-25 13:12:51 +01:00
Philip Withnall
5b12608157 tests: Fix intermittent failure in GCancellableSource test
It seems that allowing the GCancellable to be finalised in either the
main thread or the worker thread sometimes leads to crashes when running
on CI.

I cannot reproduce these crashes locally, and various analyses with
memcheck, drd and helgrind have failed to give any clues.

Fix this for this particular test case by deferring destruction of the
`GCancellable` instances until after the worker thread has joined.
That’s OK because this test is specifically checking a race between
`g_cancellable_cancel()` and disposal of a `GCancellableSource`.

The underlying bug remains unfixed, though, and I can only hope that we
eventually find a reliable way of reproducing it so it can be analysed
and fixed.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-06-25 13:12:51 +01:00
Philip Withnall
a63efa4291 tree: Fix various ableist language
In almost all cases, rewording the documentation/comments made things
more specific and a little clearer.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

See: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1544#note_846645
2020-06-23 10:49:44 +01:00
Philip Withnall
97b5bc4a01 Merge branch 'wip/oholy/remote-attribute-fixes' into 'master'
Various GLocalFile fixes related to the filesystem::remote attribute

See merge request GNOME/glib!1534
2020-06-19 10:08:03 +00:00
Ondrej Holy
92c9960521 glocalfile: Add SMB on the list of remote filesystems
The G_FILE_ATTRIBUTE_FILESYSTEM_REMOTE is set to TRUE only for NFS
filesystem types currently. Let's add also SMB filesystem types. This
also changes g_local_file_is_nfs_home function logic to handle only
NFS filesystems.
2020-06-19 11:35:09 +02:00
Ondrej Holy
a8f97cbe8e glocalfile: Rename g_local_file_is_remote
The g_local_file_is_remote function is misleading as it works only for
NFS filesystem types and only for locations in home directorly. Let's
rename it to g_local_file_is_nfs_home to make it obvious.
2020-06-19 11:34:42 +02:00
Ondrej Holy
f489f6c4ee glocalfile: Do not call statfs/statvfs several times
statfs/statvfs is called several times when querying filesystem info.
This is because the G_FILE_ATTRIBUTE_FILESYSTEM_REMOTE attribute is set
over is_remote_fs function, which calls statfs/statvfs again. Let's use
the already known fstype instead of redundant statfs/statvfs calls.
This also changes g_local_file_is_remote implementation to use
g_local_file_query_filesystem_info to obtain fstype, which allows to
remove duplicated code from is_remote_fs function.
2020-06-19 11:34:40 +02:00
Michael Catanzaro
75359441cd Fix issue in GSocketAddressEnumerator documentation
We should stop iterating the enumerator the first time it returns NULL,
even if error is set.

Fixes #1982
2020-06-18 13:30:40 -05:00
Philip Withnall
39f047e821 gsocket: Add missing check_socket() checks
This makes no great difference, just increases robustness a bit.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Closes: #1339
2020-06-18 12:52:39 +01:00
Ondrej Holy
706dc6b5aa glocalfile: Fix G_FILE_ATTRIBUTE_FILESYSTEM_REMOTE outside home
The G_FILE_ATTRIBUTE_FILESYSTEM_REMOTE currently works only for locations
in the home directory. Let's make it work also for files outside the home
directory.
2020-06-18 13:12:07 +02:00
Ondrej Holy
d067b5390a glocalfile: Remove redundant private header
There are glocalfile.h and glocalfileprivate.h header files currently.
None of those header files is public, so it doesn't make sense to have
two private headers for glocalfile.c. Let's remove glocalfileprivate.h.
2020-06-18 13:12:06 +02:00
Ondrej Holy
387709338c glocalfile: Handle smb2 filesystem type
`G_FILE_ATTRIBUTE_FILESYSTEM_TYPE` is not set for CIFS mounts with
`vers=2.0` option, or newer. Add `smb2` to the list of known filesystems.
It is also reported by `stat -f`:
https://github.com/coreutils/coreutils/blob/master/src/stat.c
2020-06-18 13:12:06 +02:00
Philip Withnall
00bfb3ab44 tree: Fix various typos and outdated terminology
This was mostly machine generated with the following command:
```
codespell \
    --builtin clear,rare,usage \
    --skip './po/*' --skip './.git/*' --skip './NEWS*' \
    --write-changes .
```
using the latest git version of `codespell` as per [these
instructions](https://github.com/codespell-project/codespell#user-content-updating).

Then I manually checked each change using `git add -p`, made a few
manual fixups and dropped a load of incorrect changes.

There are still some outdated or loaded terms used in GLib, mostly to do
with git branch terminology. They will need to be changed later as part
of a wider migration of git terminology.

If I’ve missed anything, please file an issue!

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-06-12 15:01:08 +01:00
Michael Catanzaro
4db1336ff6 gtlsconnection: Improve documentation of peer-certificate[-errors]
In glib-networking#127, it was reported that we don't properly implement
the documented behavior of these properties. However, we cannot fix it
because libsoup relies on the implemented behavior, and it's hard to
change that without cascading breakage. The practical solution is to
adjust our documentation to match reality. There should be no downsides
to this, and compat risk of changing the documentation is much smaller
than risk of changing the implementation, so I think this is the best we
can make of an unfortunate situation. See glib-networking#127 for full
discussion and glib-networking#129 for the regression when we attempted
to match the documented behavior.
2020-06-10 09:56:47 -05:00
Simon McVittie
44c004c84e Normalize C source files to end with exactly one newline
Some editors automatically remove trailing blank lines, or
automatically add a trailing newline to avoid having a trailing
non-blank line that is not terminated by a newline. To avoid unrelated
whitespace changes when users of such editors contribute to GLib,
let's pre-emptively normalize all files.

Unlike more intrusive whitespace normalization like removing trailing
whitespace from each line, this seems unlikely to cause significant
issues with cherry-picking changes to stable branches.

Implemented by:

    find . -name '*.[ch]' -print0 | \
    xargs -0 perl -0777 -p -i -e 's/\n+\z//g; s/\z/\n/g'

Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-06-10 09:48:02 +01:00
Avinash Sonawane
e91f4ac961 docs: Add (nullable) annotations 2020-06-05 18:40:37 +05:30
Руслан Ижбулатов
8651bee90f GWin32RegistryKey: Move assertions
While these assertions look right at the first glance,
they actually crash the program. That's because GObject
insists on initializing all construct-only properties
to their default values, which results in
g_win32_registry_key_set_property() being called multiple
times with NULL string, once for each unset property.

If "path" is actually set by the caller, a subsequent
call to set "path-utf16" to NULL will fail an assertion,
since absolute_path is already non-NULL.

With assertions moved the set-to-NULL calls bail out before
an assertion is made.
2020-06-05 10:31:25 +00:00
Sebastian Dröge
4556bf1e24 gthreadedsocketservice: Mark source_object of run signal as nullable 2020-06-02 13:40:54 +03:00
Nirbheek Chauhan
caec84ae1e Merge branch 'gdbus-codegen-exporting' into 'master'
Make symbols generated by gdbus-codegen exportable on Visual Studio-style builds

See merge request GNOME/glib!1452
2020-05-28 13:01:46 +00:00
Chun-wei Fan
a94f32f140 gdbus-object-manager-example: Fix build on Visual Studio
This ensures that we do really export the symbols for Visual
Studio-style builds, by using _GLIB_EXTERN to decorate the generated
prototypes and including config.h so that we are sure the symbols are
actually exported.
2020-05-28 17:20:22 +08:00
Chun-wei Fan
d955719f04 gdbus-codegen: Allow decorating symbols in headers
This adds three options to gdbus-codegen so that we may be able to
use a self-defined symbol decorator, such as _GLIB_EXTERN, to decorate
the generated prototypes, to be used possibly to export the symbols, if
needed.

The other two options allows including headers that are required for the
specified symbol decorator to be usable and preprocessor macros that are
required for the symbol decorator to be defined appropriately, also when
needed.
2020-05-28 17:20:22 +08:00
Chun-wei Fan
47716bcec9 glib-compile-resources: Fix exporting on Visual Studio
Have the generated .c code decorate the prototypes with "G_MODULE_EXPORT"
instead of "extern" when --internal is not being used, so that we also
export the symbols from the generated code on Visual Studio-style
compilers.  If --internal is used, we decorate the prototypes with
"G_GNUC_INTERNAL", as we did before.

Note that since the generated .c code does not attempt to include the
generated headers (if one is also generated), the gnerated headers are
still generated as they were before.
2020-05-23 10:35:05 +08:00
Philip Withnall
2ba0f14b52 Merge branch 'w32reg-mui' into 'master'
MUI capabilities for GWin32RegistryKey

See merge request GNOME/glib!1341
2020-05-22 16:21:41 +00:00
Руслан Ижбулатов
f77a6a1626 GWin32AppInfo: Drop read_resource_string(), use GWin32RegistryKey
Now GWin32RegistryKey can internally do the same thing that
read_resource_string() does, and more.
2020-05-22 14:17:12 +00:00
Sebastian Dröge
2730e5dcc3 Merge branch 'fix-file-test' into 'master'
tests: Speed up the file test and make it more reliable

See merge request GNOME/glib!1508
2020-05-22 10:54:58 +00:00
Philip Withnall
26c433d26c tests: Speed up the file test and make it more reliable
Sometimes this test was timing out due to the file monitor notifications
taking longer than the arbitrary 2s delay before ending the test and
checking its results at the end of `iclosed_cb()`.

Avoid that timing-dependence by ending the test when the expected file
monitor notifications are seen, or after a 10s timeout (if so, the test
is failed).

This makes the test run 4× faster in the normal case, as it’s no longer
waiting for a timeout to elapse if the file monitor notifications come
in sooner.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-05-22 11:05:27 +01:00
Philip Withnall
43969bf41a tests: Port file test to use g_assert_*() rather than g_assert()
g_assert() can be compiled out with G_DISABLE_ASSERT, which renders the
test rather useless.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-05-22 11:04:34 +01:00
Philip Withnall
9f27f49e34 tests: Speed up the cancellable test
The test added for #1841 spawned 100000 threads. That was fine on a
desktop machine, but on a heavily loaded CI machine, it could result in
large (and unpredictable) slowdowns, resulting in the test taking over
120s in about 1 in 5 runs, and hence failing that CI pipeline due to a
timeout. When passing normally on CI, the test would take around 90s.

Here’s a histogram of time per iteration on a failing (timed out) test
run. Each iteration is one thread spawn:

  Iteration duration (µs) | Frequency
  ------------------------+----------
                     ≤100 |     0
                  100–200 | 30257
                  200–400 | 13696
                  400–800 |  1046
                 800–1000 |   123
                1000–2000 |   583
                2000–4000 |  3779
                4000–8000 |  4972
               8000–10000 |  1027
              10000–20000 |  2610
              20000–40000 |   650
              40000–80000 |    86
             80000–100000 |    10
            100000–200000 |     2
                  >200000 |     0

There’s no actual need for the test to spawn 100000 threads, so rewrite
it to reuse a single thread, and pass new data to that thread.

Reverting the original commit (e4a690f5dd) reproduces the failure on
100 out of 100 test runs with this commit applied, so the test still
works.

The test now takes 3s, rather than 11s, to run on my computer, and has
passed when run with `meson test --repeat 1000 cancellable`.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-05-20 17:21:14 +01:00
Руслан Ижбулатов
a22a15dc5a GWin32RegistryKey: add MUI capabilities to get_value()
An extra argument to g_win32_registry_key_get_value_w() and
g_win32_registry_key_get_value() indicates that RegLoadMUIStringW()
should be used instead of RegQueryValueExW(). It only works on
strings, and automatically resolves resource strings (the ones
that start with "@").

The extra argument is needed to find resource DLLs that are only
specified by their relative name.
2020-05-20 14:23:49 +00:00
Dr. Michael Lauer
ec2f60a008 gio: add gcredential support for macOS
[smcv: Apply my review feedback from
<https://bugzilla.gnome.org/show_bug.cgi?id=668866>]

Co-authored-by: Simon McVittie <smcv@collabora.com>
Resolves: https://gitlab.gnome.org/GNOME/glib/issues/507
2020-05-07 14:19:16 +01:00
Simon McVittie
05cb229082 GCredentials: Add the concept of credentials that lack the process ID
struct xucred on macOS doesn't have the process ID, only the user ID
and groups.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-05-07 14:19:16 +01:00
Philip Withnall
217f1ea3fb Merge branch 'wip/tintou/gdesktopappinfo-nullable' into 'master'
gdesktopappinfo: Add several nullable annotation to GAppInfo getters

See merge request GNOME/glib!1463
2020-05-07 10:31:53 +00:00
Philip Withnall
e4e875a91f Merge branch 'wip/smcv/credentials-docs' into 'master'
GCredentials documentation fixes

See merge request GNOME/glib!1456
2020-05-07 10:29:21 +00:00
Philip Withnall
5bef5628f5 Merge branch 'mcatanzaro/verify-chain-docs' into 'master'
Improve documentation of g_tls_database_verify_chain()

See merge request GNOME/glib!1475
2020-05-07 09:48:11 +00:00
Corentin Noël
0663a9bd56 gdesktopappinfo: Add several nullable annotation to GAppInfo getters
Some functions can return a NULL GAppInfo when the conditions given as arguments are not met.
2020-05-07 10:30:39 +01:00
Simon McVittie
e33b0d0410 GCredentials: Document when NETBSD_UNPCBID was added
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-05-07 10:25:14 +01:00
Simon McVittie
3e61acddc5 GCredentials: Format C library type names as code
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-05-07 10:25:14 +01:00
Philip Withnall
f9ab23465e Merge branch 'mcatanzaro/client-connection-validation-flags' into 'master'
Improve documentation of client connection validation flags

See merge request GNOME/glib!1479
2020-05-07 08:53:38 +00:00
Michael Catanzaro
33c9c305e3 Improve documentation of g_tls_database_verify_chain()
It is critical to mention how the identity parameter is expected to be
handled. In particular, if identity is not passed, then the identity of
the server certificate will not be checked at all. This is in contrast
to the connection-level APIs, which are supposed to be fail-safe. The
database and certificate-level APIs are more manual.
2020-05-07 09:52:47 +01:00
Michael Catanzaro
407b86afb8 Improve documentation of client connection validation flags
Validation fails if ANY of the flags are set. Not if they're ALL set.
This is obvious and no programmer would be confused, but let's fix it
anyway.
2020-05-05 13:58:07 -05:00
Philip Withnall
662771464a gdbusauthmechanismsha1: Reduce syscalls from ensure_keyring_directory()
There’s no need to call `access()` and then `stat()` on the keyring
directory to check that it exists, is a directory, and has the right
permissions. Just call `stat()`.

This eliminates one potential TOCTTOU race in this code.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #1954
2020-05-05 16:07:32 +01:00
Philip Withnall
ed81cbc9b5 gdbusauthmechanismsha1: Fix race in keyring_acquire_lock()
There was a time-of-check-to-time-of-use (TOCTTOU) race in the keyring
lock code, where it would check the existence of the lock file using
`access()`, then proceed to call `open(O_CREAT | O_EXCL)` to try and
create the lock file once `access()` showed that it didn’t exist.

The problem is that, because this is happening in a shared directory
(`~/.dbus-keyrings`), another process could quite legitimately create
the lock file in the meantime.

Instead, unconditionally call `open()` and ignore errors from it (which
will be returned if the lock file already exists) until it succeeds (or
the code times out).

This eliminates the TOCTTOU race, and simplifies the timeout behaviour
so there aren’t two loops (check for existence, try to create)
happening. It brings this code in line with what dbus.git does (see
`_dbus_keyring_lock()`).

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes: #1954
2020-05-05 16:07:32 +01:00
Philip Withnall
d6bab03150 gdbusauthmechanismsha1: Fix keyring lock file permissions
Why should it have the sticky bit set? dbus.git sets permissions 0600;
so should GLib.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-05-05 16:07:32 +01:00