Commit Graph

7699 Commits

Author SHA1 Message Date
Emmanuele Bassi
e08c954693 Fix check before a memcpy
The search_total_results address is always going to be non-zero, so the
check will always evaluate to true, and GCC is kind enough to point this
out to us.

The appropriate fix is checking if the size of the search results array
is larger than zero, and if so, copy them into the total results array.
2022-09-02 12:59:22 +01:00
Marco Trevisan
2ef66ba386 Merge branch 'main' into 'main'
gio-launch-desktop: replace static_assert with G_STATIC_ASSERT

Closes #2713

See merge request GNOME/glib!2858
2022-08-31 15:06:27 +00:00
Matthias Clasen
56236d708f Merge branch 'use-cloexec-epoll' into 'main'
gio-unix: Use EPOLL_CLOEXEC by default

See merge request GNOME/glib!2868
2022-08-27 16:37:11 +00:00
Luca Bacci
e1e9bc9429 Merge branch 'g-win32-app-info-launch-uris-async' into 'main'
GWin32AppInfo: Implement launch_uris_async

Closes gtk#4400

See merge request GNOME/glib!2760
2022-08-27 14:11:10 +00:00
Luca Bacci
53515197df GWin32AppInfo: Instantiate ApplicationActivationManager out-of-process
This is recommended on MSDN
2022-08-26 11:33:22 +02:00
Luca Bacci
d12cf95836 GDesktopAppInfo: Tidy up code a bit
* Remove an unneeded field from LaunchUrisData and add annotations
* Rename local GError* variables to local_error
* Use g_set_object
* Fix indentation
2022-08-26 11:33:22 +02:00
Luca Bacci
361b4a8fc9 GAppInfo: Clarify that GAppInfo launch methods can spawn multiple instances
...of the application if many URI's are provided. This is important to note
because the GAppLaunchContext signals may be emitted multiple times during
a single launch operation.
2022-08-26 11:33:22 +02:00
Luca Bacci
42a76e1631 GWin32AppInfo: Check for task cancellation
We cannot cancel a spawn operation, but sometimes we have to
spawn the target application mutiple times (e.g. in case the
target app only supports one URI in its command-line, but we
were given multiple URI's), in that case continuously check
the cancellation status before attempting any spawn operation
2022-08-26 11:33:22 +02:00
Luca Bacci
cff3e660c1 GWin32AppInfo: Emit GAppLaunchContext signals for all code paths 2022-08-26 11:33:09 +02:00
Colin Walters
426fab1eca gio-unix: Use EPOLL_CLOEXEC by default
First, there's no reason not to use the new `epoll_create1` system call,
which quickly obsoleted `epoll_create` which has an obsolete and
unused size argument.

But more specifically, it offers `EPOLL_CLOEXEC` which we want
to use for general hygeine - there's no reason to potentially
leak this file descriptor to forked processes.

(GLib itself carefully closes file descriptors when forking child
 processes, but it may be linked with other software that doesn't;
 notably in my case for example the Rust standard library does not
 do this and hence relies more on the application code using
 `O_CLOEXEC` and variants)

This is just a drive-by fix; I saw the system call when I was using
`strace` to debug something else in rpm-ostree.
2022-08-26 04:10:22 -04:00
Luca Bacci
f0ff6a6af0 GWin32AppInfo: Add g_win32_app_info_launch_uris_impl utility function
This utility function will be called by both launch_uris and
launch_uris_async, passing a from_task parameter respectively
as NULL and non-NULL. The from_task parameter will be needed
to know whether GAppLaunchContext signals should be emitted
directly (from_task == NULL) or scheduled for emission on the
main thread (from_task != NULL).
2022-08-16 12:29:18 +02:00
Marco Trevisan
813ce7f0b5 gio-launch-desktop: preserve static_assert message 2022-08-15 17:02:06 +00:00
Owen Rafferty
c850a06ea2
gio-launch-desktop: replace static_assert with G_STATIC_ASSERT 2022-08-15 01:41:50 -05:00
Luca Bacci
bf13a5e0a4 GWin32AppInfo: Implement launch_uris_async
Fixes https://gitlab.gnome.org/GNOME/gtk/-/issues/4400
2022-08-12 18:33:20 +02:00
Marco Trevisan (Treviño)
bcddc56c41 gtlscertificate: Update reference to G_TLS_CERTIFICATE_NO_FLAGS
G_TLS_CERTIFICATE_FLAGS_NONE was removed as part of commit aa65fc2537.
2022-08-06 01:33:15 +02:00
Marco Trevisan
a4f60709d5 Merge branch 'mcatanzaro/tls-exporter' into 'main'
Expose tls-exporter channel binding

See merge request GNOME/glib!2853
2022-08-05 22:01:37 +00:00
Michael Catanzaro
9d37075a00 Expose tls-exporter channel binding
Required for glib-networking#191
2022-08-05 16:02:09 -05:00
Marco Trevisan
6965f6457e Merge branch 'iss2588' into 'main'
gio-tool: -d option to delete attribute

Closes #2588

See merge request GNOME/glib!2845
2022-08-05 19:21:58 +00:00
Luca Bacci
d3ae4cc809 GWin32AppInfo: Ensure COM is initialized when activating UWP apps
Using the Application Activation Manager coclass. Its threading model
is marked as 'both', so it can be instantiated in any apartment type
without marshaling.
2022-08-04 21:35:08 +02:00
Luca Bacci
cdb8e5e9c5 Fix warnings in GCancellable test 2022-08-03 20:38:59 +02:00
Luca Bacci
a1737ece06 Fix GCancellable tests for Windows 64bit
Fixes https://gitlab.gnome.org/GNOME/glib/-/issues/2703
2022-08-03 20:33:46 +02:00
Luca Bacci
0cb43a4965 Merge branch 'g-win32-app-info-launched-signal-actually-report-pid' into 'main'
GWin32AppInfo: Fix PID reporting in launched signal

See merge request GNOME/glib!2299
2022-08-02 14:51:26 +00:00
Luca Bacci
45bdeeddff GWin32AppInfo: Actually report the GPid in the GAppLaunchContext::launched signal
We need to pass the G_SPAWN_DO_NOT_REAP_CHILD flag to g_spawn_async,
otherwise the returned child_pid will always be 0.
2022-08-02 16:38:32 +02:00
codeboybebop
ece66f11fc gio-tool: -d option to delete attribute
gio tool has support for deleting attributes of the file. To delete attribute user
should specify type '--type="unset"'. This is not mentioned in help and therefore not
intuitive. By adding '-d' option, we make this process more obvious.

closes #2588
2022-07-31 13:19:50 -05:00
Emmanuele Bassi
a9394bd68e Implement GFileIface.set_display_name() for resource files
Resource files cannot be renamed, and GFileIface.set_display_name() is
mandatory.

Fixes: #2705
2022-07-30 20:06:07 +01:00
madmurphy
b295c53769 gfileinfo: Implement xattr attribute removal
Fixes: #1187
2022-07-26 07:58:32 +00:00
Emmanuele Bassi
8f68c1e646 Rename G_MARKUP_PARSE_FLAGS_NONE
The prefix for GMarkupParseFlags enumeration members is G_MARKUP; this
means that G_MARKUP_PARSE_FLAGS_NONE gets split into
GLib.MarkupParseFlags.PARSE_FLAGS_NONE by the introspection scanner.

The `/*< nick=none >*/` trigraph attribute is a glib-mkenum thing, and
does not affect the introspection scanner; it would also only affect the
GEnumValue nickname, which is not used by language bindings to resolve
the name of the enumeration member. Plus, GMarkupParseFlags does not
have a corresponding GType anyway.
2022-07-25 22:30:22 +01:00
Emmanuele Bassi
aa65fc2537 Rename G_TLS_CERTIFICATE_FLAGS_NONE
The prefix is G_TLS_CERTIFICATE, not G_TLS_CERTIFICATE_FLAGS. Having
G_TLS_CERTIFICATE_FLAGS_NONE leads to a FLAGS_NONE nick in the GType,
and a FLAGS_NONE member name in the introspection data.
2022-07-25 22:30:22 +01:00
Emmanuele Bassi
09234b50fe Introduce G_APPLICATION_DEFAULT_FLAGS
Enumeration members should either have the name of the type as their
prefix, or they should all have the same prefix.

The "default flags" enumeration member for GApplicationFlags is
unfortunately named G_APPLICATION_FLAGS_NONE, while every other member
of the same type has a G_APPLICATION prefix. The result is that the nick
name of the enumeration member is "flags-none", and that language
bindings will have to use something like
Gio.ApplicationFlags.FLAGS_NONE.

To fix this API wart, we can deprecate the FLAGS_NONE member, and add a
new DEFAULT_FLAGS.
2022-07-25 22:30:22 +01:00
Simon McVittie
94e05f7f28 gio-launch-desktop: Only replace fds that point to the Journal
If stdout is the Journal but stderr is not, then we probably only want
to redirect stdout, or vice versa.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-25 10:21:35 +01:00
Philip Withnall
30c840a755 Merge branch 'wip/smcv/gio-launch-desktop-sd-journal' into 'main'
Bring back gio-launch-desktop, use it to redirect stdout/stderr to the Journal

Closes #2682

See merge request GNOME/glib!2819
2022-07-24 23:31:27 +00:00
Philip Withnall
9c1b2399ec Merge branch 'iss2542' into 'main'
gio-tool: Flatten the outputed string

Closes #2542

See merge request GNOME/glib!2834
2022-07-24 23:13:06 +00:00
Simon McVittie
f736414825 gio-launch-desktop: Don't alter stdout/stderr if not already the Journal
Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-25 01:00:54 +02:00
Simon McVittie
763643ceaa gio-launch-desktop: Redirect stdout, stderr to systemd Journal
This prevents a launched process's output from being mixed up with the
output of the parent process, which can lead to the wrong program being
blamed for warning messages.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-25 01:00:54 +02:00
Simon McVittie
ae15c800ce Install gio-launch-desktop in a non-PATH location
This is an internal helper executable, which users shouldn't invoke
directly (see glib#1633).

When building for a single-architecture distribution, we can install
it as ${libexecdir}/gio-launch-desktop.

When building for a multiarch distribution, installing it into an
architecture-specific location and packaging it alongside the GLib
library avoids the problem discussed in glib#1633 where it would either
cause a circular dependency between the GLib library and a common
cross-architecture package (libglib2.0-bin in Debian), or require a
separate package just to contain gio-launch-desktop, or cause different
architectures' copies to overwrite each other.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-25 01:00:53 +02:00
Simon McVittie
8157668eac gdesktopappinfo: Don't trust $GIO_LAUNCH_DESKTOP if setuid
gio-launch-desktop was removed before checking GIO for potentially
unsafe environment variable references, so reverting its removal brought
this one back. If a setuid program is using GAppInfo then something is
probably already horribly wrong, but let's be careful anyway.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-25 01:00:53 +02:00
Simon McVittie
e4e21f20e2 gio-launch-desktop: Fix a compiler warning
Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-25 01:00:53 +02:00
Simon McVittie
6620d28333 gio-launch-desktop: Add SPDX-License-Identifier
Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-25 01:00:53 +02:00
Simon McVittie
6751392934 tests: Avoid using deprecated meson.build_root
Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-25 01:00:53 +02:00
Simon McVittie
d0967c1d4a Revert "gdesktopappinfo: Use sh rather than gio-launch-desktop"
A shell one-liner was enough to set GIO_LAUNCHED_DESKTOP_FILE_PID,
but ideally we also want to do the equivalent of sd_journal_stream_fd()
to set up its standard output and standard error streams.

Ideally we would call sd_journal_stream_fd() in a process that will
exec the real program, otherwise it will report the wrong process ID
in the Journal, but we can't easily do that in a forked child when
using posix_spawn() for subprocesses.

This reverts commit 2b533ca99a.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-25 01:00:53 +02:00
Philip Withnall
206be0a8a1 Merge branch 'wip/smcv/multiarch-triggers' into 'main'
gio: Optionally install trigger executables to architecture-specific paths

See merge request GNOME/glib!2818
2022-07-24 22:57:34 +00:00
codeboybebop
a374b7c806 gio-tool: Flatten the outputed string
Replacing new line in outputed atributes with " ↵ "

closes: #2542
2022-07-24 15:59:43 -05:00
Simon McVittie
32b226d1b1 gdbus: Allow cross-namespace connections to Linux session and system buses
The dominant implementations of the well-known session and system
message buses are the reference implementation from the dbus project
(dbus-daemon) and the sd-bus-based reimplementation dbus-broker, both
of which have correct implementations for EXTERNAL authentication with
an unspecified authorization identity.

This makes it reasonably safe to assume that the well-known message
buses can cope with the unspecified authorization identity, even if we
cannot make the same assumption for custom servers such as the ones
used in ibus and gvfs (which might have been started with an older
GLib version before upgrading GLib in-place).

Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-24 14:07:02 +01:00
Simon McVittie
e0a0749268 gdbusauthmechanismexternal: Optionally send empty authorization identity
When using a GDBus client in a non-trivial user namespace, the result of
geteuid() can differ from the uid in the namespace where the server is
running. This would result in connection attempts being rejected, because
the identity that the client claims to have does not match the identity
that the server derives from its credentials.

RFC 4422 allows us to send an empty authorization identity, which means we
want to authenticate as whatever identity the server can derive from our
out-of-band credentials. In particular, this resolves the authentication
failure when crossing between different Linux user namespaces.

Because D-Bus does not have a way to represent an empty initial response
as distinct from the absence of an initial response, we cannot use the
initial-response optimization (RFC 4422 §4.3.a) in this case, and must
fall back to waiting for the server to send a challenge.

Unfortunately, GDBus versions older than glib!2826 did not implement
the server side of this protocol correctly, and would respond to the
missing initial response in a way that breaks the SASL state machine
(expecting a response without sending a challenge), causing client and
server to deadlock with each waiting for the other to respond. Until
fixed versions of GDBus are widespread, we can't rely on having a server
that can cope with this, so gate it behind a flag, which can be set for
connections that are known to cross non-trivial namespace boundaries.

Originally inspired by
<1ed4723d38>,
and based on earlier work by Giuseppe Scrivano (in which the
cross-namespace behaviour was unconditional, rather than gated by a
flag).

Co-authored-by: Giuseppe Scrivano <giuseppe@scrivano.org>
Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-24 13:46:26 +01:00
Simon McVittie
0c087d121f gio: Optionally install trigger executables to architecture-specific paths
In Debian-style multiarch (libdir = lib/x86_64-linux-gnu or similar),
Red-Hat-style multilib (libdir = lib64 or lib) and Arch-style multilib
(libdir = lib or lib32), we have to run a separate version of
gio-querymodules to discover 32- or 64-bit modules on x86. Installing
modules in the directory used for each word size needs to trigger
recompilation of the correct modules list.

Debian, Fedora and Arch currently all have patches to facilitate this:
Debian moves gio-querymodules into ${libdir}/glib-2.0 and provides a
compat symlink in ${bindir}, while Fedora and Arch rename one or both
of the gio-querymodules executables to give it a -32 or -64 suffix.

We can avoid the need for these patches by making this a build option.
Doing this upstream has the advantage that the pkg-config metadata for
each architecture points to the correct executable and is in sync with
reality.

I'm using Debian's installation scheme with a separate directory here,
because the word-size suffix used in Fedora and Arch only works for the
common case of 32- and 64-bit multilib, and does not cover scenarios
where there can be more than one ABI with the same word size, such as
multiarch cross-compilation or alternative ABIs like x32.

Now that we have this infrastructure, it's also convenient to use it for
glib-compile-schemas. This works with /usr/share, so it only needs to
be run for one architecture (typically the system's primary
architecture), but using /usr/bin/glib-compile-schemas for the trigger
would result in either primary and secondary architectures trying to
overwrite each other's /usr/bin/glib-compile-schemas binaries, or a
circular dependency (the GLib library would have to depend on a
common package that contains glib-compile-schemas, but
glib-compile-schemas depends on the GLib library). Installing a
glib-compile-schemas binary in an architecture-specific location
alongside each GLib library bypasses this problem.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-24 11:19:37 +01:00
Philip Withnall
55928d6ac0 Merge branch 'more-atomic-ops' into 'main'
Use atomic exchange operations more

See merge request GNOME/glib!2759
2022-07-23 11:35:08 +00:00
Philip Withnall
8d3dac8f83 Merge branch 'wip/smcv/gdbus-sasl' into 'main'
GDBus: improve interoperability of SASL handshake

See merge request GNOME/glib!2826
2022-07-20 13:01:49 +00:00
Simon McVittie
0c24039874 tests: Add a test for GDBusServer with various simulated clients
Instead of using a GDBusConnection, this does the handshake at a lower
level using specific strings in the SASL handshake, to verify that we
will interoperate with various clients including sd-bus, libdbus and
older versions of GDBus.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-18 19:39:41 +01:00
Simon McVittie
3f532af65c gdbusauth: Represent empty data block as DATA\r\n, with no space
This is an interoperability fix. The reference implementation of D-Bus
treats "DATA\r\n" as equivalent to "DATA \r\n", but sd-bus does not,
and only accepts the former.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-18 17:53:40 +01:00
Giuseppe Scrivano
b51e3ab09e GDBusServer: Accept empty authorization identity for EXTERNAL mechanism
RFC 4422 appendix A defines the empty authorization identity to mean
the identity that the server associated with its authentication
credentials. In this case, this means whatever uid is in the
GCredentials object.

In particular, this means that clients in a different Linux user
namespace can authenticate against our server and will be authorized
as the version of their uid that is visible in the server's namespace,
even if the corresponding numeric uid returned by geteuid() in the
client's namespace was different. systemd's sd-bus has relied on this
since commit
1ed4723d38.

[Originally part of a larger commit; commit message added by smcv]

Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-18 17:53:32 +01:00