Attachment #216443 for bug #300929

Lines 210-216 Link Here

(-)dbus-1.3.0.orig/bus/activation-helper.c (-1 / +7 lines)
210		210
211	/* bail out unless we are setuid to user root */	211	/* bail out unless we are setuid to user root */
212	euid = geteuid();	212	euid = geteuid();
213	if (euid != 0)	213	if (euid !=
		214	#ifdef __INTERIX
		215	197108
		216	#else
		217	0
		218	#endif
		219	)
214	{	220	{
215	dbus_set_error (error, DBUS_ERROR_SPAWN_PERMISSIONS_INVALID,	221	dbus_set_error (error, DBUS_ERROR_SPAWN_PERMISSIONS_INVALID,
216	"not setuid root");	222	"not setuid root");

Lines 455-461 Link Here

(-)dbus.orig-1.3.0/dbus/dbus-auth-script.c (-1 / +7 lines)
455	else if (_dbus_string_starts_with_c_str (&line,	455	else if (_dbus_string_starts_with_c_str (&line,
456	"ROOT_CREDENTIALS"))	456	"ROOT_CREDENTIALS"))
457	{	457	{
458	auth_set_unix_credentials (auth, 0, DBUS_PID_UNSET);	458	auth_set_unix_credentials (auth,
		459	#ifdef __INTERIX
		460	197108
		461	#else
		462	0
		463	#endif
		464	, DBUS_PID_UNSET);
459	}	465	}
460	else if (_dbus_string_starts_with_c_str (&line,	466	else if (_dbus_string_starts_with_c_str (&line,
461	"SILLY_CREDENTIALS"))	467	"SILLY_CREDENTIALS"))




                                DBusCredentials *credentials,
                                DBusError       *error)
{
#ifdef __INTERIX
  int bytes_read = 0;
  DBusString buf;
  if ( _dbus_string_init( &buf )) {
    bytes_read = _dbus_read_socket(client_fd, &buf, 1);
	if (bytes_read == 1) {
		_dbus_verbose("got one byte from server");
	} else {
      dbus_set_error (error, DBUS_ERROR_FAILED,
                      "Failed to read credentials byte");
      return FALSE;
	} 
	_dbus_string_free(&buf);
  } else {
	  _DBUS_SET_OOM(error);
	  return FALSE;
  }
  _dbus_credentials_add_from_current_process(credentials); /* w/e */
  _dbus_verbose("FIXME: Interix: got faked credentials from current process");
  return TRUE;
#else
  struct msghdr msg;
  struct iovec iov;
  char buf;

    }
  
  return TRUE;
#endif /* __INTERIX */
}

/**

Lines 361-367 Link Here

(-)dbus-1.3.0.orig/dbus/dbus-sysdeps-util-unix.c (-1 / +12 lines)
361	}	361	}
362		362
363	#ifdef HAVE_LIBAUDIT	363	#ifdef HAVE_LIBAUDIT
364	we_were_root = _dbus_geteuid () == 0;	364	we_were_root = _dbus_get_euid() ==
		365	#ifdef __INTERIX
		366	197108
		367	#else
		368	0
		369	#endif
		370	;
365	new_caps = NULL;	371	new_caps = NULL;
366	/* have a tmp set of caps that we use to transition to the usr/grp dbus should	372	/* have a tmp set of caps that we use to transition to the usr/grp dbus should
367	* run as ... doesn't really help. But keeps people happy.	373	* run as ... doesn't really help. But keeps people happy.
Lines 757-762 Link Here
757	# error "buffer size for readdir_r cannot be determined"	763	# error "buffer size for readdir_r cannot be determined"
758	# endif	764	# endif
759	# endif	765	# endif
		766	#ifdef __INTERIX
		767	#define BFB 1024 /* big fine buffer */
		768	/* bah... just use a nice big value here, was causing stack corruption */
		769	name_max = name_max > BFB ? name_max : BFB;
		770	#endif
760	if (size)	771	if (size)
761	*size = (size_t)offsetof(struct dirent, d_name) + name_max + 1;	772	*size = (size_t)offsetof(struct dirent, d_name) + name_max + 1;
762	else	773	else

Lines 638-646 Link Here

(-)dbus-1.3.0.orig/dbus/dbus-transport.c (-3 / +7 lines)
638	}	638	}
639		639
640	if (transport->allow_anonymous \|\|	640	if (transport->allow_anonymous \|\|
641	_dbus_credentials_get_unix_uid (auth_identity) == 0 \|\|	641	_dbus_credentials_get_unix_uid (auth_identity) ==
642	_dbus_credentials_same_user (our_identity,	642	#ifdef __INTERIX
643	auth_identity))	643	197108
		644	#else
		645	0
		646	#endif
		647	\|\| _dbus_credentials_same_user (our_identity, auth_identity))
644	{	648	{
645	if (_dbus_credentials_include(our_identity,DBUS_CREDENTIAL_WINDOWS_SID))	649	if (_dbus_credentials_include(our_identity,DBUS_CREDENTIAL_WINDOWS_SID))
646	_dbus_verbose ("Client authorized as SID '%s'"	650	_dbus_verbose ("Client authorized as SID '%s'"

Lines 3-9 Link Here

(-)dbus-1.3.0.orig/test/data/auth/external-root.auth-script (-1 / +1 lines)
3	SERVER	3	SERVER
4	ROOT_CREDENTIALS	4	ROOT_CREDENTIALS
5	## 30 is ASCII '0' in hex	5	## 30 is ASCII '0' in hex
6	SEND 'AUTH EXTERNAL 30'	6	SEND 'AUTH EXTERNAL 313937313038'
7	EXPECT_COMMAND OK	7	EXPECT_COMMAND OK
8	EXPECT_STATE WAITING_FOR_INPUT	8	EXPECT_STATE WAITING_FOR_INPUT
9	SEND 'BEGIN'	9	SEND 'BEGIN'




    <deny own="org.freedesktop.System"/>
    <deny send_destination="org.freedesktop.System"/>
    <deny receive_sender="org.freedesktop.System"/>
    <deny user="Administrator"/>
    <deny group="+Administrators"/>
    <allow send_type="error"/>
    <allow send_type="method_call"/>
    <allow send_type="method_return"/>

    <deny own="org.freedesktop.System"/>
    <deny send_destination="org.freedesktop.System"/>
    <deny receive_sender="org.freedesktop.System"/>
    <deny user="Administrator"/>
    <deny group="+Administrators"/>
    <allow send_type="error"/>
    <allow send_type="method_call"/>
    <allow send_type="method_return"/>

Lines 7-13 Link Here

(-)dbus-1.3.0.orig/test/data/valid-config-files/system.d/test.conf (-1 / +1 lines)
7		7
8	<!-- Only root can own the FooService service, and	8	<!-- Only root can own the FooService service, and
9	this user can only send the one kind of message -->	9	this user can only send the one kind of message -->
10	<policy user="root">	10	<policy user="Administrator">
11	<allow own="org.foo.FooService"/>	11	<allow own="org.foo.FooService"/>
12	<allow send_interface="org.foo.FooBroadcastInterface"/>	12	<allow send_interface="org.foo.FooBroadcastInterface"/>
13	</policy>	13	</policy>

Return to bug 300929

Lines 1490-1495 Link Here

(-)dbus-1.3.0.orig/dbus/dbus-sysdeps-unix.c (+22 lines)
1490	DBusCredentials *credentials,	1490	DBusCredentials *credentials,
1491	DBusError *error)	1491	DBusError *error)
1492	{	1492	{
		1493	#ifdef __INTERIX
		1494	int bytes_read = 0;
		1495	DBusString buf;
		1496	if ( _dbus_string_init( &buf )) {
		1497	bytes_read = _dbus_read_socket(client_fd, &buf, 1);
		1498	if (bytes_read == 1) {
		1499	_dbus_verbose("got one byte from server");
		1500	} else {
		1501	dbus_set_error (error, DBUS_ERROR_FAILED,
		1502	"Failed to read credentials byte");
		1503	return FALSE;
		1504	}
		1505	_dbus_string_free(&buf);
		1506	} else {
		1507	_DBUS_SET_OOM(error);
		1508	return FALSE;
		1509	}
		1510	_dbus_credentials_add_from_current_process(credentials); /* w/e */
		1511	_dbus_verbose("FIXME: Interix: got faked credentials from current process");
		1512	return TRUE;
		1513	#else
1493	struct msghdr msg;	1514	struct msghdr msg;
1494	struct iovec iov;	1515	struct iovec iov;
1495	char buf;	1516	char buf;
Lines 1704-1709 Link Here
1704	}	1725	}
1705		1726
1706	return TRUE;	1727	return TRUE;
		1728	#endif /* __INTERIX */
1707	}	1729	}
1708		1730
1709	/**	1731	/**

Lines 16-23 Link Here

(-)dbus-1.3.0.orig/test/data/valid-config-files/many-rules.conf (-4 / +4 lines)
16	<deny own="org.freedesktop.System"/>	16	<deny own="org.freedesktop.System"/>
17	<deny send_destination="org.freedesktop.System"/>	17	<deny send_destination="org.freedesktop.System"/>
18	<deny receive_sender="org.freedesktop.System"/>	18	<deny receive_sender="org.freedesktop.System"/>
19	<deny user="root"/>	19	<deny user="Administrator"/>
20	<deny group="root"/>	20	<deny group="+Administrators"/>
21	<allow send_type="error"/>	21	<allow send_type="error"/>
22	<allow send_type="method_call"/>	22	<allow send_type="method_call"/>
23	<allow send_type="method_return"/>	23	<allow send_type="method_return"/>
Lines 34-41 Link Here
34	<deny own="org.freedesktop.System"/>	34	<deny own="org.freedesktop.System"/>
35	<deny send_destination="org.freedesktop.System"/>	35	<deny send_destination="org.freedesktop.System"/>
36	<deny receive_sender="org.freedesktop.System"/>	36	<deny receive_sender="org.freedesktop.System"/>
37	<deny user="root"/>	37	<deny user="Administrator"/>
38	<deny group="root"/>	38	<deny group="+Administrators"/>
39	<allow send_type="error"/>	39	<allow send_type="error"/>
40	<allow send_type="method_call"/>	40	<allow send_type="method_call"/>
41	<allow send_type="method_return"/>	41	<allow send_type="method_return"/>