bug with 5 code lines

Julien Isorce julien.isorce at gmail.com
Sun Nov 22 07:21:36 PST 2009 

Hi,

I saw what happen since 2 days (bugs, patch etc..)
Do you plan to update the binaries and dev packages here ?
http://sourceforge.net/projects/windbus/files/
because this url is reported here:
http://www.freedesktop.org/wiki/Software/dbus

Sincerely
Julien

2009/11/20 Ralf Habacker <ralf.habacker at freenet.de>

> Ralf Habacker schrieb:
>
>  Julien Isorce schrieb:
>>
>>> Hi,
>>>
>>> Thx for the reply.
>>>
>>> I tried what you suggested:
>>>
>>> 2 cases, the first works, the second (the one I want) does not work:
>>>
>>> First case:
>>> ---------------------------------
>>> I run dbus-daemon --system in command line so the user is Administrator.
>>> In other cmd, I run dbus-send --print-reply --system
>>> --dest="org.freedesktop.DBus" /org/freedesktop /DBus/Introspectable
>>> org.freedesktop.DBus.Introspectable.Introspect
>>> I got a reply and it's ok.
>>> I attached the log of the server to this mail:
>>> dbus-daemon_administrator_classic.log
>>> ---------------------------------
>>>
>>>
>>> Second case:
>>> ---------------------------------
>>>
>> I assume in this case you are using DBUS_COOKIE_SHA1 auth
>>
>>> I run :
>>> cygrunsrv -I dbus-daemon -i --path
>>> /cygdrive/c/dbus/dbus-exe/bin/dbus-daemon.exe --chdir
>>> /cygdrive/c/dbus/dbus-exe --args --system --env DBUS_VERBOSE=1 --env
>>> DBUS_TEST_HOMEDIR=C:\dbus\dbus-exe
>>> then: cygrunsrv -S dbus-daemon
>>> I can then see the dbus-daemon.exe process in task manager and the user
>>> name is SYSTEM
>>>
>>> In other cmd, I run dbus-send --print-reply --system
>>> --dest="org.freedesktop.DBus" /org/freedesktop /DBus/Introspectable
>>> org.freedesktop.DBus.Introspectable.Introspect
>>> The error from the client is: dbus-send.log attached to this mail
>>>
>> the second log contains the following entry:
>>
>> 272: Client authorized as SID 'S-1-5-18' but our SID is 'S-1-5-18',
>> disconnecting
>>
>> This message coms from dbus/dbus-transport.c::auth_via_default_rules (for
>> the complete code see
>> http://cgit.freedesktop.org/dbus/dbus/tree/dbus/dbus-transport.c)
>>
>> The default auth rules are [1]:
>>
>>  /* By default, connection is allowed if the client is 1) root or 2)
>>  * has the same UID as us or 3) anonymous is allowed.
>>  */
>>  if (transport->allow_anonymous ||
>>     _dbus_credentials_get_unix_uid (auth_identity) == 0 ||
>>     _dbus_credentials_same_user (our_identity,
>>                                  auth_identity))
>>   {
>>
>> Because none of the condition is true DBUS_COOKIE_SHA1 auth fails (see the
>> code snippet below)
>>
>>  else
>>   {
>>     if
>> (_dbus_credentials_include(our_identity,DBUS_CREDENTIAL_WINDOWS_SID))
>>         _dbus_verbose ("Client authorized as SID '%s'"
>>                        " but our SID is '%s', disconnecting\n",
>>                        _dbus_credentials_get_windows_sid(our_identity),
>>                        _dbus_credentials_get_windows_sid(our_identity));
>>    else
>>
>>     _dbus_transport_disconnect (transport);
>>     allow = FALSE;
>>
>> BTW: The code shows also a bug - for the client the server sid is also
>> printed. I found this bug in all available dbus implementations and should
>> be fixed -> patch will follow
>>
>> If you have the dbus source you may comment out the following line  from
>> [1]
>>
>>     _dbus_credentials_same_user (our_identity,
>>                                  auth_identity))
>>
>>  Sorry, I was wrong with this patch it is required to not comment out the
> above mentioned line, instead the following lines should be used (both
> our_identity)
>
>
>    _dbus_credentials_same_user (our_identity,
>                                 our_identity))
>
>
> Regards
> Ralf
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freedesktop.org/archives/dbus/attachments/20091122/c9f9871a/attachment.html

More information about the dbus mailing list