/[packages]/updates/3/dbus/current/SOURCES/10005-config-add-new-limit-pending_fd_timeout.patch
ViewVC logotype

Contents of /updates/3/dbus/current/SOURCES/10005-config-add-new-limit-pending_fd_timeout.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 796217 - (show annotations) (download)
Mon Nov 10 20:20:31 2014 UTC (4 years, 9 months ago) by tmb
File size: 6467 byte(s)
set default auth_timeout to 30s as some systems still fail with 20s
1 From e17a921be676bcc89373ec1a9f368fe8b36f1073 Mon Sep 17 00:00:00 2001
2 From: Alban Crequy <alban.crequy@collabora.co.uk>
3 Date: Mon, 21 Jul 2014 17:34:08 +0100
4 Subject: [PATCH 05/10] config: add new limit: pending_fd_timeout
5
6 This is one of four commits needed to address CVE-2014-3637.
7
8 When a file descriptor is passed to dbus-daemon, the associated D-Bus message
9 might not be fully sent to dbus-daemon yet. Dbus-daemon keeps the file
10 descriptor in the DBusMessageLoader of the connection, waiting for the rest of
11 the message. If the client stops sending the remaining bytes, dbus-daemon will
12 wait forever and keep that file descriptor.
13
14 This patch adds pending_fd_timeout (milliseconds) in the configuration to
15 disconnect a connection after a timeout when a file descriptor was sent but not
16 the remaining message.
17
18 Bug: https://bugs.freedesktop.org/show_bug.cgi?id=80559
19 Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
20 (cherry picked from commit bbf11cd5f92064c7c8af61ad4d9ff41f3a039abc)
21 Conflicts:
22 cmake/bus/dbus-daemon.xml
23
24 [Context changes as default auth_timeout was bumped to 15s (mga#14251) / tmb]
25 Signed-off-by: Thomas Backlund <tmb@mageia.org>
26
27 ---
28 bus/bus.c | 6 ++++++
29 bus/bus.h | 2 ++
30 bus/config-parser.c | 12 ++++++++++++
31 bus/session.conf.in | 1 +
32 cmake/bus/dbus-daemon.xml | 6 +++++-
33 5 files changed, 26 insertions(+), 1 deletion(-)
34
35 diff --git a/bus/bus.c b/bus/bus.c
36 index 7ffe772..c4eadc2 100644
37 --- a/bus/bus.c
38 +++ b/bus/bus.c
39 @@ -1229,6 +1229,12 @@ bus_context_get_auth_timeout (BusContext *context)
40 }
41
42 int
43 +bus_context_get_pending_fd_timeout (BusContext *context)
44 +{
45 + return context->limits.pending_fd_timeout;
46 +}
47 +
48 +int
49 bus_context_get_max_completed_connections (BusContext *context)
50 {
51 return context->limits.max_completed_connections;
52 diff --git a/bus/bus.h b/bus/bus.h
53 index 400c9d0..7d0b369 100644
54 --- a/bus/bus.h
55 +++ b/bus/bus.h
56 @@ -54,6 +54,7 @@ typedef struct
57 long max_message_unix_fds; /**< Max number of unix fds of a single message*/
58 int activation_timeout; /**< How long to wait for an activation to time out */
59 int auth_timeout; /**< How long to wait for an authentication to time out */
60 + int pending_fd_timeout; /**< How long to wait for a D-Bus message with a fd to time out */
61 int max_completed_connections; /**< Max number of authorized connections */
62 int max_incomplete_connections; /**< Max number of incomplete connections */
63 int max_connections_per_user; /**< Max number of connections auth'd as same user */
64 @@ -106,6 +107,7 @@ BusClientPolicy* bus_context_create_client_policy (BusContext
65 DBusError *error);
66 int bus_context_get_activation_timeout (BusContext *context);
67 int bus_context_get_auth_timeout (BusContext *context);
68 +int bus_context_get_pending_fd_timeout (BusContext *context);
69 int bus_context_get_max_completed_connections (BusContext *context);
70 int bus_context_get_max_incomplete_connections (BusContext *context);
71 int bus_context_get_max_connections_per_user (BusContext *context);
72 diff --git a/bus/config-parser.c b/bus/config-parser.c
73 index 95d69a4..897667e 100644
74 --- a/bus/config-parser.c
75 +++ b/bus/config-parser.c
76 @@ -428,6 +428,11 @@ bus_config_parser_new (const DBusString *basedir,
77 * password) is allowed, then potentially it has to be quite long.
78 */
79 parser->limits.auth_timeout = 30000; /* 30 seconds */
80 +
81 + /* Do not allow a fd to stay forever in dbus-daemon
82 + * https://bugs.freedesktop.org/show_bug.cgi?id=80559
83 + */
84 + parser->limits.pending_fd_timeout = 150000; /* 2.5 minutes */
85
86 parser->limits.max_incomplete_connections = 64;
87 parser->limits.max_connections_per_user = 256;
88 @@ -1891,6 +1896,12 @@ set_limit (BusConfigParser *parser,
89 must_be_int = TRUE;
90 parser->limits.auth_timeout = value;
91 }
92 + else if (strcmp (name, "pending_fd_timeout") == 0)
93 + {
94 + must_be_positive = TRUE;
95 + must_be_int = TRUE;
96 + parser->limits.pending_fd_timeout = value;
97 + }
98 else if (strcmp (name, "reply_timeout") == 0)
99 {
100 must_be_positive = TRUE;
101 @@ -3097,6 +3108,7 @@ limits_equal (const BusLimits *a,
102 || a->max_message_unix_fds == b->max_message_unix_fds
103 || a->activation_timeout == b->activation_timeout
104 || a->auth_timeout == b->auth_timeout
105 + || a->pending_fd_timeout == b->pending_fd_timeout
106 || a->max_completed_connections == b->max_completed_connections
107 || a->max_incomplete_connections == b->max_incomplete_connections
108 || a->max_connections_per_user == b->max_connections_per_user
109 diff --git a/bus/session.conf.in b/bus/session.conf.in
110 index 6ce8503..2ee1c31 100644
111 --- a/bus/session.conf.in
112 +++ b/bus/session.conf.in
113 @@ -53,6 +53,7 @@
114 limit is also relatively low -->
115 <limit name="service_start_timeout">120000</limit>
116 <limit name="auth_timeout">240000</limit>
117 + <limit name="pending_fd_timeout">150000</limit>
118 <limit name="max_completed_connections">100000</limit>
119 <limit name="max_incomplete_connections">10000</limit>
120 <limit name="max_connections_per_user">100000</limit>
121 diff --git a/cmake/bus/dbus-daemon.xml b/cmake/bus/dbus-daemon.xml
122 index f331699..fb517e2 100644
123 --- a/cmake/bus/dbus-daemon.xml
124 +++ b/cmake/bus/dbus-daemon.xml
125 @@ -401,7 +401,11 @@ Available limit names are:</para>
126 "auth_timeout" : milliseconds (thousandths) a
127 connection is given to
128 authenticate
129 - "max_completed_connections" : max number of authenticated connections
130 + "pending_fd_timeout" : milliseconds (thousandths) a
131 + fd is given to be transmitted to
132 + dbus-daemon before disconnecting the
133 + connection
134 + "max_completed_connections" : max number of authenticated connections
135 "max_incomplete_connections" : max number of unauthenticated
136 connections
137 "max_connections_per_user" : max number of completed connections from
138 --
139 2.1.0
140

  ViewVC Help
Powered by ViewVC 1.1.26