Commit Graph

21710 Commits

Author SHA1 Message Date
Dr. Michael Lauer
ec2f60a008 gio: add gcredential support for macOS
[smcv: Apply my review feedback from
<https://bugzilla.gnome.org/show_bug.cgi?id=668866>]

Co-authored-by: Simon McVittie <smcv@collabora.com>
Resolves: https://gitlab.gnome.org/GNOME/glib/issues/507
2020-05-07 14:19:16 +01:00
Simon McVittie
05cb229082 GCredentials: Add the concept of credentials that lack the process ID
struct xucred on macOS doesn't have the process ID, only the user ID
and groups.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-05-07 14:19:16 +01:00
Philip Withnall
a9a7aa05dc Merge branch 'wip/hadess/update-fedora-ci' into 'master'
Update Fedora CI

See merge request GNOME/glib!1464
2020-05-07 11:42:08 +00:00
Philip Withnall
217f1ea3fb Merge branch 'wip/tintou/gdesktopappinfo-nullable' into 'master'
gdesktopappinfo: Add several nullable annotation to GAppInfo getters

See merge request GNOME/glib!1463
2020-05-07 10:31:53 +00:00
Philip Withnall
e4e875a91f Merge branch 'wip/smcv/credentials-docs' into 'master'
GCredentials documentation fixes

See merge request GNOME/glib!1456
2020-05-07 10:29:21 +00:00
Bastien Nocera
555fc57a1c ci: Fix documentation tarball compression
Best compress using xz when using .tar.xz suffixes.
2020-05-07 11:14:35 +01:00
Bastien Nocera
48f756616d ci: Fix paths for dist'ed documentation 2020-05-07 11:14:35 +01:00
Bastien Nocera
62bffc294a ci: Update Fedora version to latest stable
This newer version of Fedora also includes a newer version of gtk-doc
that should satisfy the update dependency:
Dependency gtk-doc found: NO found '1.29' but need: '>=1.32'

See https://bodhi.fedoraproject.org/updates/FEDORA-2020-f93ef1b300
2020-05-07 11:13:57 +01:00
Philip Withnall
ae1003450e Merge branch 'gthread-deprecated' into 'master'
gthread: ignore deprecated declarations in static inline functions

Closes #2094

See merge request GNOME/glib!1472
2020-05-07 09:49:50 +00:00
Philip Withnall
5bef5628f5 Merge branch 'mcatanzaro/verify-chain-docs' into 'master'
Improve documentation of g_tls_database_verify_chain()

See merge request GNOME/glib!1475
2020-05-07 09:48:11 +00:00
Corentin Noël
0663a9bd56 gdesktopappinfo: Add several nullable annotation to GAppInfo getters
Some functions can return a NULL GAppInfo when the conditions given as arguments are not met.
2020-05-07 10:30:39 +01:00
Simon McVittie
e33b0d0410 GCredentials: Document when NETBSD_UNPCBID was added
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-05-07 10:25:14 +01:00
Simon McVittie
3e61acddc5 GCredentials: Format C library type names as code
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-05-07 10:25:14 +01:00
Philip Withnall
9d34514f7d Merge branch 'th/g-ptr-array-variable-cleanups' into 'master'
[th/g-ptr-array-variable-cleanups] minor cleanup of variables for GPtrArray

See merge request GNOME/glib!1482
2020-05-07 09:10:19 +00:00
Philip Withnall
f9ab23465e Merge branch 'mcatanzaro/client-connection-validation-flags' into 'master'
Improve documentation of client connection validation flags

See merge request GNOME/glib!1479
2020-05-07 08:53:38 +00:00
Michael Catanzaro
33c9c305e3 Improve documentation of g_tls_database_verify_chain()
It is critical to mention how the identity parameter is expected to be
handled. In particular, if identity is not passed, then the identity of
the server certificate will not be checked at all. This is in contrast
to the connection-level APIs, which are supposed to be fail-safe. The
database and certificate-level APIs are more manual.
2020-05-07 09:52:47 +01:00
Philip Withnall
2be506a3be Merge branch 'ci-msys2-use-old-meson' into 'master'
CI: Make sure we use meson 0.49.2 in MSYS2

See merge request GNOME/glib!1480
2020-05-07 08:47:56 +00:00
Philip Withnall
19b6e30cc7 Merge branch 'th/g-ptr-array-extend-and-steal-crash' into 'master'
array: fix corrupt state of GPtrArray after g_ptr_array_extend_and_steal()

See merge request GNOME/glib!1481
2020-05-07 08:41:23 +00:00
Thomas Haller
cf1263bbb9 array: combine loop variables in g_ptr_array_remove_range() 2020-05-07 09:07:31 +02:00
Thomas Haller
507818aabd array: use guint type for loop variable iterating over GPtrArray.len elements
GPtrArray.len is guint. The type of the loop variable should match.

While at it, move some of the variables closer to the scope where they are
used.
2020-05-07 09:07:07 +02:00
Thomas Haller
8b542aac0c array: fix corrupt state of GPtrArray after g_ptr_array_extend_and_steal()
g_ptr_array_extend_and_steal() leaves the GPtrArray in an invalid state,
so if you would try to append another pointer, it leads to a crash.

Also adjust the test case so that it would result in the crash (without
the fix).

Fixes: 0675703af0 ('Adding g_ptr_array_extend_and_steal() function to glib/garray.c')
2020-05-07 08:58:41 +02:00
Christoph Reiter
534a92f35f CI: Make sure we use meson 0.49.2 in MSYS2
pip in MSYS2 seems to install scripts into $USERPROFILE instead of $HOME
which means the MSYS2 meson, which is newer, wins. Make sure $USERPROFILE
is in PATH as well.
2020-05-06 22:07:37 +02:00
Michael Catanzaro
407b86afb8 Improve documentation of client connection validation flags
Validation fails if ANY of the flags are set. Not if they're ALL set.
This is obvious and no programmer would be confused, but let's fix it
anyway.
2020-05-05 13:58:07 -05:00
Simon McVittie
3b3026b763 Merge branch 'wip/pwithnall/1954-dbus-keyring-handling' into 'master'
Fix TOCTTOU races in D-Bus SHA-1 auth mechanism

Closes #1954

See merge request GNOME/glib!1477
2020-05-05 16:07:28 +00:00
Philip Withnall
662771464a gdbusauthmechanismsha1: Reduce syscalls from ensure_keyring_directory()
There’s no need to call `access()` and then `stat()` on the keyring
directory to check that it exists, is a directory, and has the right
permissions. Just call `stat()`.

This eliminates one potential TOCTTOU race in this code.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Helps: #1954
2020-05-05 16:07:32 +01:00
Philip Withnall
ed81cbc9b5 gdbusauthmechanismsha1: Fix race in keyring_acquire_lock()
There was a time-of-check-to-time-of-use (TOCTTOU) race in the keyring
lock code, where it would check the existence of the lock file using
`access()`, then proceed to call `open(O_CREAT | O_EXCL)` to try and
create the lock file once `access()` showed that it didn’t exist.

The problem is that, because this is happening in a shared directory
(`~/.dbus-keyrings`), another process could quite legitimately create
the lock file in the meantime.

Instead, unconditionally call `open()` and ignore errors from it (which
will be returned if the lock file already exists) until it succeeds (or
the code times out).

This eliminates the TOCTTOU race, and simplifies the timeout behaviour
so there aren’t two loops (check for existence, try to create)
happening. It brings this code in line with what dbus.git does (see
`_dbus_keyring_lock()`).

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes: #1954
2020-05-05 16:07:32 +01:00
Philip Withnall
d6bab03150 gdbusauthmechanismsha1: Fix keyring lock file permissions
Why should it have the sticky bit set? dbus.git sets permissions 0600;
so should GLib.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-05-05 16:07:32 +01:00
Philip Withnall
f4dc46db45 gdbusauthmechanismsha1: Fix return type in precondition guards
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-05-05 16:07:32 +01:00
Philip Withnall
6bf221c441 tests: Isolate directory access for gdbus-server-auth test
When multiple tests were run in parallel, this would race on its access
to `~/.dbus-keyrings` to authenticate with the D-Bus server, since the
keyring directory was not appropriately sandboxed to the unit test.

Use `G_TEST_OPTION_ISOLATE_DIRS` to automatically isolate each unit
test’s directory usage.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes: #1954
2020-05-05 16:07:32 +01:00
Philip Withnall
6978a4f87a tests: Fix a memory leak in gdbus-server-auth
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-05-05 16:07:32 +01:00
Simon McVittie
da84e9eb26 Merge branch 'wip/pwithnall/2092-stupid-dbus-tests-again' into 'master'
tests: Fix remaining race in gdbus-connection filter test

Closes #1957 and #2092

See merge request GNOME/glib!1476
2020-05-05 14:52:09 +00:00
Philip Withnall
2f171d0ed4 tests: Fix remaining race in gdbus-connection filter test
Commit 721e385 left one remaining race in the filter test, with a
comment associated with it. Unfortunately, the (seemingly unrelated)
changes in #1841 to `GCancellable` seem to have made this remaining race
a lot more likely to fail on FreeBSD than before.

What’s likely to have happened (although I was unable to reproduce the
failure, due to not having a FreeBSD system; I was only able to
reproduce the problem as a 3/1000 failure on Linux, which is still worth
fixing) is that the atomic write of the `FilterData.serial` to be
expected by the filter function sometimes happened after the filter
function had executed, so the expected message was dropped and didn’t
result in an update to the `FilterData` state.

Rework the test so that instead of setting some expectations (on
`FilterData`) in one thread and then checking them in another thread,
the worker thread just unconditionally returns messages from the filter
function to the main thread, and then the main thread checks whether the
expected one has been filtered.

With this change applied, the `gdbus-connection` test passes 5000 times
in a row for me, on Linux; and doesn’t seem to fail any more on the
FreeBSD CI machines over a few runs. (Previously it failed on 4/5 runs.)

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Fixes: #2092
Fixes: #1957
2020-05-05 13:29:29 +01:00
Philip Withnall
1e598b98e3 Merge branch 'desktop-search-docs' into 'master'
gdesktopappinfo: Note that search results are not filtered

See merge request GNOME/glib!1455
2020-05-05 09:21:18 +00:00
Philip Withnall
5314a20389 gdesktopappinfo: Note that search results are not filtered
Mention in the documentation that (presumably for performance reasons)
the search results from `g_desktop_app_info_search()` are not filtered
by executable presence or hidden attribute.

Perhaps they should be in future, but for now we should at least
document it.

Spotted by Will Thompson.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2020-05-05 09:29:50 +01:00
Philip Withnall
fbba0d4556 Merge branch 'patch-1' into 'master'
meson: Exclude gosxutils.m when building for iOS

See merge request GNOME/glib!1458
2020-05-04 10:22:56 +00:00
Philip Withnall
bcbcc0ec42 Merge branch '1911-valgrind-suppression' into 'master'
glib.supp: Allow possible leaks of g_type_register_static()

Closes #1911

See merge request GNOME/glib!1474
2020-05-03 09:50:15 +00:00
Philip Chimento
567caa9b29 glib.supp: Allow possible leaks of g_type_register_static()
It seems this should not only be marked reachable, but also for possible
leaks, as the realloc() variant already is.

https://gitlab.gnome.org/GNOME/glib/-/issues/1911
2020-05-02 10:20:43 -07:00
Simon Marchi
cc58ce6a74 gthread: ignore deprecated declarations in static inline functions
With a trivial file that just includes glib.h:

    #include <glib.h>

Compiled with:

    gcc -c test.c \
      -I /tmp/glib/include/glib-2.0/ \
      -I /tmp/glib/lib/x86_64-linux-gnu/glib-2.0/include \
      -DGLIB_VERSION_MAX_ALLOWED=GLIB_VERSION_2_28 \
      -DGLIB_VERSION_MIN_REQUIRED=GLIB_VERSION_2_28 \
      -fmax-errors=1 \
      -Werror

We get:

    In file included from /tmp/glib/include/glib-2.0/glib/gasyncqueue.h:32,
                     from /tmp/glib/include/glib-2.0/glib.h:32,
                     from test.c:1:
    /tmp/glib/include/glib-2.0/glib/gthread.h: In function ‘g_rec_mutex_locker_new’:
    /tmp/glib/include/glib-2.0/glib/gthread.h:396:3: error: ‘g_rec_mutex_lock’ is deprecated: Not available before 2.32 [-Werror=deprecated-declarations]
      396 |   g_rec_mutex_lock (rec_mutex);
          |   ^~~~~~~~~~~~~~~~
    /tmp/glib/include/glib-2.0/glib/gthread.h:196:17: note: declared here
      196 | void            g_rec_mutex_lock                (GRecMutex      *rec_mutex);
          |                 ^~~~~~~~~~~~~~~~
    compilation terminated due to -fmax-errors=1.

The problem is that the code in the static inline functions uses
g_rec_mutex_lock, introduced after 2.28.  This code is compiled
regardless of if it's actually used or not.

Suppress the warning by using G_GNUC_BEGIN_IGNORE_DEPRECATIONS /
G_GNUC_END_IGNORE_DEPRECATIONS.  There are precedents for doing that,
for example g_main_context_pusher_new in gmain.h.

Tested by building with all variations of GLIB_VERSION_MIN_REQUIRED /
GLIB_VERSION_MAX_ALLOWED:

    for i in $(seq 26 2 64); do
      gcc -c test.c \
        -I/tmp/glib/include/glib-2.0 \
        -I/tmp/glib/lib/x86_64-linux-gnu/glib-2.0/include \
        -DGLIB_VERSION_MAX_ALLOWED=GLIB_VERSION_2_$i \
        -DGLIB_VERSION_MIN_REQUIRED=GLIB_VERSION_2_$i \
        -fmax-errors=1 \
        -Werror
    done

Fixes: #2094
2020-05-01 15:11:37 -04:00
Philip Withnall
fecaa5a5ea Merge branch 'imports' into 'master'
Don't fail a test if optional dependencies are not present

Closes #2083

See merge request GNOME/glib!1448
2020-05-01 17:05:05 +00:00
Philip Withnall
89f964e333 Merge branch 'clang-format-nonliteral' into 'master'
Silence clang errors about -Wformat-nonliteral due to missing intermediate attributes

See merge request GNOME/glib!1440
2020-05-01 16:57:53 +00:00
Philip Withnall
2e2f737f93 Merge branch 'gnulib-isnan' into 'master'
meson: Fix the gnulib checks for isnan* functions

See merge request GNOME/glib!1459
2020-05-01 16:47:40 +00:00
Philip Withnall
8a8de39b81 Merge branch 'valgrind-header-sync' into 'master'
glib: Sync the local modification to glib/valgrind.h to what was upstreamed

See merge request GNOME/glib!1460
2020-05-01 16:34:45 +00:00
Philip Withnall
429da9edd7 Merge branch 'windows-ci-switch-master' into 'master'
CI: Switch to new Windows runners

See merge request GNOME/glib!1466
2020-05-01 16:20:44 +00:00
Cheng-Chia Tseng
123e8c9bf6 Update Chinese (Taiwan) translation 2020-05-01 13:16:53 +00:00
Daniel Mustieles
7aa3b675dd Updated Spanish translation 2020-04-30 12:50:49 +02:00
Christoph Reiter
c3645a84b6 CI: Switch to new Windows runners
gitlab will drop cmd.exe support with GitLab 13 so I took the opportunity to
add new runners with Windows 2016 and powershell as default.

These runners are tagged with win32-ps instead of win32. The old runners
will be switched off in the coming weeks.

The main difference is that all commands and env expansions use powershell
and Windows 2016 instead of 2012r2.
2020-04-29 08:56:56 +02:00
Philip Withnall
c9bf247eb9 Merge branch 'update-variant-child-value-docs' into 'master'
gvariant-core: Add a note about memory safety of children

See merge request GNOME/glib!1462
2020-04-28 11:13:43 +00:00
Matthew Leeds
51b822787e gvariant-core: Add a note about memory safety of children
When g_variant_get_child() is called on a variant which has not been
serialized, it serializes it which includes a call to
g_variant_release_children() and therefore means that any children
previously retrieved from the variant are no longer valid (unless
another reference is held on them) and consequently values borrowed from
those children are no longer safe to access. Add a note to the
g_variant_get_child_value() documentation to explain this.

Alternatively, we could say that after the child is freed, values
borrowed from it are no longer valid. But we already have an
implementation which hasn't changed in years which lets them stay valid
if the variant was serialized before the first
g_variant_get_child_value() call.

Here's a demonstration of the memory error:

static const char *get_first_child (GVariant *v) {
    g_autoptr(GVariant) child_v = g_variant_get_child_value (v, 0);
    return g_variant_get_string (child_v, NULL);
}
int main(int argc, char **argv) {
    g_autoptr(GVariant) v = g_variant_new("(@ss)", g_variant_new_string ("hello"), "world");
    const char *child1 = get_first_child (v);
    const char *child2;
    g_variant_get_child (v, 1, "&s", &child2);
    printf ("%s\n", child1); // this is a memory error
    return 0;
}
2020-04-27 17:31:53 -07:00
Martin Storsjö
8bee9febea glib: Sync the local modification to glib/valgrind.h to what was upstreamed
The local change from af0e0cb995 in glib ended upstreamed
as 7359c5fd9f312cddd62146896558d8c9bd2bd4cf in valgrind, with
a few minor adjustments requested from there.

Sync this local modification to what ended up upstreamed, to avoid
any doubt regarding it for future syncs of the whole header.
2020-04-27 22:00:50 +03:00
Martin Storsjö
6cae01c2f5 Silence clang errors about -Wformat-nonliteral due to missing intermediate attributes
By default, meson builds glib with -Werror=format=2, which
implies -Werror=format-nonliteral. With these flags, clang errors
out on e.g. the g_message_win32_error function, due to "format
string is not a string literal". This function takes a format
string, and passes the va_list of the arguments onwards to
g_strdup_vprintf, which is annotated with printf attributes.

When passing a string+va_list to another function, GCC doesn't warn
with -Wformat-nonliteral. Clang however does warn, unless the
functions themselves (g_message_win32_error and set_error) are decorated
with similar printf attributes (to force the same checks upon the
caller) - see
https://clang.llvm.org/docs/AttributeReference.html#format
for reference.

Adding these attributes revealed one existing mismatched format string
(fixed in the preceding commit).
2020-04-27 16:26:04 +03:00