Hi,
I found two issues in the sbus code while testing the by-certificate lookups. One was that if parsing the reply with client UID failed, then errno would have been garbage.
The second is that since we added signal handling, we always receive NameOwnerChanged after someone binds to the bus. But NameOwnerChanged sender is the bus itself, which doesn't reveal the sender ID -- the request to find the sender ID failed and we didn't process the signal at all.
The only related discussion I found was: http://permalink.gmane.org/gmane.comp.freedesktop.dbus/7404 which would indicate that for the bus itself, the UID can't be retrieved. So I modified the request that reads the UID to return a special error in this case and lets the caller handle it -- for signals, we proceed, but for messages, we don't because we can't check the UID against the ACL.
On 08/10/2015 03:31 PM, Jakub Hrozek wrote:
Hi,
I found two issues in the sbus code while testing the by-certificate lookups. One was that if parsing the reply with client UID failed, then errno would have been garbage.
The second is that since we added signal handling, we always receive NameOwnerChanged after someone binds to the bus. But NameOwnerChanged sender is the bus itself, which doesn't reveal the sender ID -- the request to find the sender ID failed and we didn't process the signal at all.
The only related discussion I found was: http://permalink.gmane.org/gmane.comp.freedesktop.dbus/7404 which would indicate that for the bus itself, the UID can't be retrieved. So I modified the request that reads the UID to return a special error in this case and lets the caller handle it -- for signals, we proceed, but for messages, we don't because we can't check the UID against the ACL.
Makes sense.
Ack, but it needs to be rebased.
On Wed, Aug 26, 2015 at 02:26:06PM +0200, Pavel Březina wrote:
On 08/10/2015 03:31 PM, Jakub Hrozek wrote:
Hi,
I found two issues in the sbus code while testing the by-certificate lookups. One was that if parsing the reply with client UID failed, then errno would have been garbage.
The second is that since we added signal handling, we always receive NameOwnerChanged after someone binds to the bus. But NameOwnerChanged sender is the bus itself, which doesn't reveal the sender ID -- the request to find the sender ID failed and we didn't process the signal at all.
The only related discussion I found was: http://permalink.gmane.org/gmane.comp.freedesktop.dbus/7404 which would indicate that for the bus itself, the UID can't be retrieved. So I modified the request that reads the UID to return a special error in this case and lets the caller handle it -- for signals, we proceed, but for messages, we don't because we can't check the UID against the ACL.
Makes sense.
Ack, but it needs to be rebased.
Rebased patches are attached.
On 09/01/2015 10:05 AM, Jakub Hrozek wrote:
On Wed, Aug 26, 2015 at 02:26:06PM +0200, Pavel Březina wrote:
On 08/10/2015 03:31 PM, Jakub Hrozek wrote:
Hi,
I found two issues in the sbus code while testing the by-certificate lookups. One was that if parsing the reply with client UID failed, then errno would have been garbage.
The second is that since we added signal handling, we always receive NameOwnerChanged after someone binds to the bus. But NameOwnerChanged sender is the bus itself, which doesn't reveal the sender ID -- the request to find the sender ID failed and we didn't process the signal at all.
The only related discussion I found was: http://permalink.gmane.org/gmane.comp.freedesktop.dbus/7404 which would indicate that for the bus itself, the UID can't be retrieved. So I modified the request that reads the UID to return a special error in this case and lets the caller handle it -- for signals, we proceed, but for messages, we don't because we can't check the UID against the ACL.
Makes sense.
Ack, but it needs to be rebased.
Rebased patches are attached.
Ack.
On Tue, Sep 01, 2015 at 10:37:16AM +0200, Pavel Březina wrote:
On 09/01/2015 10:05 AM, Jakub Hrozek wrote:
On Wed, Aug 26, 2015 at 02:26:06PM +0200, Pavel Březina wrote:
On 08/10/2015 03:31 PM, Jakub Hrozek wrote:
Hi,
I found two issues in the sbus code while testing the by-certificate lookups. One was that if parsing the reply with client UID failed, then errno would have been garbage.
The second is that since we added signal handling, we always receive NameOwnerChanged after someone binds to the bus. But NameOwnerChanged sender is the bus itself, which doesn't reveal the sender ID -- the request to find the sender ID failed and we didn't process the signal at all.
The only related discussion I found was: http://permalink.gmane.org/gmane.comp.freedesktop.dbus/7404 which would indicate that for the bus itself, the UID can't be retrieved. So I modified the request that reads the UID to return a special error in this case and lets the caller handle it -- for signals, we proceed, but for messages, we don't because we can't check the UID against the ACL.
Makes sense.
Ack, but it needs to be rebased.
Rebased patches are attached.
Ack.
Thank you for the review, pushed to master: * 6c2a29a912f4c995343315f1f70c825ca2200640 * 9118a539a5d59f669f551114f880fe91d6bb8741
sssd-devel@lists.fedorahosted.org