luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2024-11-09 19:06:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Low-level core library that forms the basis for projects such as GTK+ and GNOME.
25,693 Commits 296 Branches 577 Tags 134 MiB
C 95.3%
Python 2.4%
Meson 1.3%
Objective-C 0.3%
Shell 0.2%
Other 0.5%
e0a0749268
Go to file
Simon McVittie e0a0749268 gdbusauthmechanismexternal: Optionally send empty authorization identity 
When using a GDBus client in a non-trivial user namespace, the result of
geteuid() can differ from the uid in the namespace where the server is
running. This would result in connection attempts being rejected, because
the identity that the client claims to have does not match the identity
that the server derives from its credentials.

RFC 4422 allows us to send an empty authorization identity, which means we
want to authenticate as whatever identity the server can derive from our
out-of-band credentials. In particular, this resolves the authentication
failure when crossing between different Linux user namespaces.

Because D-Bus does not have a way to represent an empty initial response
as distinct from the absence of an initial response, we cannot use the
initial-response optimization (RFC 4422 §4.3.a) in this case, and must
fall back to waiting for the server to send a challenge.

Unfortunately, GDBus versions older than glib!2826 did not implement
the server side of this protocol correctly, and would respond to the
missing initial response in a way that breaks the SASL state machine
(expecting a response without sending a challenge), causing client and
server to deadlock with each waiting for the other to respond. Until
fixed versions of GDBus are widespread, we can't rely on having a server
that can cope with this, so gate it behind a flag, which can be set for
connections that are known to cross non-trivial namespace boundaries.

Originally inspired by
<1ed4723d38>,
and based on earlier work by Giuseppe Scrivano (in which the
cross-namespace behaviour was unconditional, rather than gated by a
flag).

Co-authored-by: Giuseppe Scrivano <giuseppe@scrivano.org>
Signed-off-by: Simon McVittie <smcv@collabora.com>
2022-07-24 13:46:26 +01:00
.gitlab-ci replace pcre1 with pcre2 2022-07-12 11:46:34 +00:00
.reuse docs: Mark .wrap files as uncopyrightable 2022-07-05 12:15:15 +01:00
docs replace pcre1 with pcre2 2022-07-12 11:46:34 +00:00
fuzzing meson: fix build without cpp toolchain 2022-07-15 12:58:41 -06:00
gio gdbusauthmechanismexternal: Optionally send empty authorization identity 2022-07-24 13:46:26 +01:00
glib Merge branch 'flag-reverse-docs' into 'main' 2022-07-23 17:39:29 +00:00
gmodule meson: fix build without cpp toolchain 2022-07-15 12:58:41 -06:00
gobject Merge branch 'more-atomic-ops' into 'main' 2022-07-23 11:35:08 +00:00
gthread Add SPDX license headers for LGPL-2.1-or-later to various files 2022-06-01 12:44:23 +01:00
LICENSES docs: Add all used licenses in a REUSE-compatible directory 2022-05-17 17:23:34 +01:00
m4macros m4macros: Increment serial number of glib-2.0.m4 2021-01-27 11:55:37 +00:00
po Update Georgian translation 2022-07-24 05:58:13 +00:00
subprojects replace pcre1 with pcre2 2022-07-12 11:46:34 +00:00
tests Convert tests/assert-msg-test* to glib/tests/assert-msg-test* 2022-06-28 11:19:21 +01:00
tools Merge branch 'more-spdx' into 'main' 2022-07-05 11:06:49 +00:00
.clang-format CI: Code check formating in CI 2019-11-21 14:03:01 -06:00
.dir-locals.el Add .dir-locals.el to tell Emacs users not to use tabs for C 2012-07-30 04:09:08 -04:00
.editorconfig docs: Add .editorconfig file 2021-10-28 14:47:53 +01:00
.gitignore docs: Move INSTALL.in to INSTALL.md 2022-05-11 13:02:49 +01:00
.gitlab-ci.yml ci: Setup submodules and subprojects before building on dist 2022-07-12 20:25:04 +02:00
.gitmodules build: Move gvdb to a subproject 2022-06-16 10:12:07 +01:00
.lcovrc build: Move lcovrc file to root so it’s picked up by Meson 2022-04-28 11:57:45 +01:00
CODE_OF_CONDUCT.md docs: Add a code of conduct document 2022-05-11 12:30:58 +01:00
CONTRIBUTING.md docs: Add a testing policy 2022-06-14 15:19:32 +01:00
COPYING docs: Add all used licenses in a REUSE-compatible directory 2022-05-17 17:23:34 +01:00
glib.doap docs: Sync glib.doap to set of users listed in CODEOWNERS 2022-06-22 15:54:49 +01:00
HACKING docs: Move README.rationale to docs subdirectory 2022-05-11 13:02:49 +01:00
INSTALL.md docs: Reformat INSTALL.md as Markdown 2022-05-11 13:02:55 +01:00
meson_options.txt meson: simplify iconv lookups using Meson's builtin dependency lookup 2022-06-16 12:04:59 -04:00
meson.build meson: fix build without cpp toolchain 2022-07-15 12:58:41 -06:00
msvc_recommended_pragmas.h msvc_recommended_pragmas.h: Refine for clang-cl 2021-03-30 16:45:07 +08:00
NEWS 2.73.2 2022-07-12 18:32:22 +02:00
README.md docs: Move INSTALL.in to INSTALL.md 2022-05-11 13:02:49 +01:00
README.win32.md README.win32.md: Mention about Window 8+ SDK requirement 2021-02-28 11:04:29 +02:00
SECURITY.md docs: Add a note about git-evtag to SECURITY.md 2021-09-07 11:21:12 +00:00

README.md

GLib

GLib is the low-level core library that forms the basis for projects such as GTK and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system.

The official download locations are: https://download.gnome.org/sources/glib

The official web site is: https://www.gtk.org/

Installation

See the file 'INSTALL.md'

Supported versions

Only the most recent unstable and stable release series are supported. All older versions are not supported upstream and may contain bugs, some of which may be exploitable security vulnerabilities.

See SECURITY.md for more details.

Documentation

API documentation is available online for GLib for the:

Discussion

If you have a question about how to use GLib, seek help on GNOMEs Discourse instance. Alternatively, ask a question on StackOverflow and tag it glib.

Reporting bugs

Bugs should be reported to the GNOME issue tracking system. You will need to create an account for yourself. You may also submit bugs by e-mail (without an account) by e-mailing incoming+gnome-glib-658-issue-@gitlab.gnome.org, but this will give you a degraded experience.

Bugs are for reporting problems in GLib itself, not for asking questions about how to use it. To ask questions, use one of our discussion forums.

In bug reports please include:

  • Information about your system. For instance:
    • What operating system and version
    • For Linux, what version of the C library
    • And anything else you think is relevant.
  • How to reproduce the bug.
    • If you can reproduce it with one of the test programs that are built in the tests/ subdirectory, that will be most convenient. Otherwise, please include a short test program that exhibits the behavior. As a last resort, you can also provide a pointer to a larger piece of software that can be downloaded.
  • If the bug was a crash, the exact text that was printed out when the crash occurred.
  • Further information such as stack traces may be useful, but is not necessary.

Contributing to GLib

Please follow the contribution guide to know how to start contributing to GLib.

Patches should be submitted as merge requests to gitlab.gnome.org. If the patch fixes an existing issue, please refer to the issue in your commit message with the following notation (for issue 123):

Closes: #123

Otherwise, create a new merge request that introduces the change. Filing a separate issue is not required.

Default branch renamed to main

The default development branch of GLib has been renamed to main. To update your local checkout, use:

git checkout master
git branch -m master main
git fetch
git branch --unset-upstream
git branch -u origin/main
git symbolic-ref refs/remotes/origin/HEAD refs/remotes/origin/main