aab9382297008c1d1b7cef361159a44885d52af0 |
|
01-Sep-2015 |
Gilad Arnold <garnold@google.com> |
Support for dropping privileges with supplementary groups. On Android, we need support for supplementary groups when dropping privileges in order to retain permissions for accessing system resources such as the DBus socket. This CL: 1) Adds a flag -G to tlsdated for listing supplementary groups used when dropping privileges. 2) Adds '-G dbus' to tlsdated Android init script. Bug: 22373707 Bug: 23651876 Change-Id: I0769d5ef496d073c20016c3252c5edbfead2aaa5
/external/tlsdate/src/util.h
|
eaa686f75374a6c2807b976dfaf65620a57421c4 |
|
13-Oct-2014 |
Jacob Appelbaum <jacob@appelbaum.net> |
add no_new_privs()
/external/tlsdate/src/util.h
|
182abd405bd9847448298d44192d052d3820a81d |
|
13-Oct-2014 |
Jacob Appelbaum <jacob@appelbaum.net> |
attempt seat of pants define for critical security feature (what could go wrong?)
/external/tlsdate/src/util.h
|
733df00516d22ef63b891a29d18704d963fdb632 |
|
13-Oct-2014 |
Jacob Appelbaum <jacob@appelbaum.net> |
define PR_SET_NO_NEW_PRIVS
/external/tlsdate/src/util.h
|
1cfe6cf10d1a7f397d0fff8c8bcb60667c30b1db |
|
13-Oct-2014 |
Jacob Appelbaum <jacob@appelbaum.net> |
#include <sys/prctl.h>
/external/tlsdate/src/util.h
|
523304f84539c2fc0bd802e106fe37327c595405 |
|
12-Oct-2014 |
Jacob Appelbaum <jacob@appelbaum.net> |
invert common case
/external/tlsdate/src/util.h
|
82853f9cb8f8f2e11041046d9957a9483d2e2102 |
|
10-Oct-2014 |
Jacob Appelbaum <jacob@appelbaum.net> |
add terminate_syslog
/external/tlsdate/src/util.h
|
c9b803bcf0e0923dceecb47f2d0deac416f82373 |
|
27-Sep-2014 |
Jacob Appelbaum <jacob@appelbaum.net> |
add openlog
/external/tlsdate/src/util.h
|
47313d1f1ae3749f69ad0344e8125f1d61f6faed |
|
18-Sep-2014 |
Will Drewry <wad@chromium.org> |
continued merge overhaul - Integration tests now all run properly - Added 'emit' helper for integration tests - Cleaned up accidental closure of stdin if hwclock isn't being sync'd - Cleaned up verb_debug to just use logat cleanly - Updated man page for -U (dbus disable) and -b (verbose_debug) - Pushed in placeholders for some unittests that need to be added.
/external/tlsdate/src/util.h
|
9c331bf201909fb5a85725202eee872d4323e12d |
|
17-Sep-2014 |
Will Drewry <wad@chromium.org> |
continued merge issues: platform, debug, configs - moved debug () to verb_debug () - moved to platform->* calls for system calls - moved upstart file for cros to a cros-specific name
/external/tlsdate/src/util.h
|
2d9fd234e2887fdb29c6c09f66ade0a8b32c3ba7 |
|
16-Sep-2014 |
Will Drewry <wad@chromium.org> |
Merge branch 'master' of https://chromium.googlesource.com/chromiumos/third_party/tlsdate into upstream This is the initial merge of the Chromium OS fork of tlsdated. It adds a dependency in libevent2 and removes the custom event solution and adds a platform-specific hook for integrating with platform signals (like network readiness). Signed-off-by: <redpig@dataspill.org> Conflicts: Makefile.am configure.ac man/tlsdate-dbus-announce.1 man/tlsdated.8 src/Makefile.am src/compat/clock-linux.c src/compat/clock.h src/conf-unittest.c src/conf.c src/include.am src/proxy-bio.c src/test/proxy-override.c src/tlsdate-dbus-announce.c src/tlsdate-helper.c src/tlsdate.c src/tlsdate.h src/tlsdated-unittest.c src/tlsdated.c src/util.c src/util.h
|
d00526018524956084364987edecbfa40321d0d9 |
|
20-Nov-2013 |
Fabian Keil <fk@fabiankeil.de> |
Include <unistd.h> in src/util.h On FreeBSD 11-CURRENT this fixes the compilation failure: In file included from ./src/proxy-bio.h:16, from src/proxy-bio.c:38: ./src/util.h:46: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'wait_with_timeout' ./src/util.h:50: warning: 'struct timeval' declared inside parameter list ./src/util.h:50: warning: its scope is only this definition or declaration, which is probably not what you want ./src/util.h:51: warning: 'struct timeval' declared inside parameter list ./src/util.h:57: warning: 'struct timeval' declared inside parameter list *** Error code 1
/external/tlsdate/src/util.h
|
232fa7e93cd02d176ba2501d8d0e6614b2563ac0 |
|
01-Nov-2013 |
Jacob Appelbaum <jacob@appelbaum.net> |
Add verb_debug and give -vv meaning
/external/tlsdate/src/util.h
|
c45952f88c568046a02bc0aea793008d8bb37755 |
|
03-Sep-2013 |
Will Drewry <wad@chromium.org> |
CHROMIUM: Initial work eventizing tlsdated tlsdated provides the daemonized integration of tlsdate and the host system -- resumable time, DBus announcements, time-sync events, and so on. At present, it provides only netlink based wakeups and limited time synchronization. On Chromium OS, proxy support and network changes are integrated through external shell scripts monitoring DBus. These scripts lack the robustness required for a production grade time synchronization system. This change is manyfold: - Convert tlsdated "wakeup" input into events - Convert tlsdate execution and status collection into a event-friendly technique - Integrate libevent into the tlsdated design - Integrate support for platform specific wake up events - Integrate support for dynamic proxy resolution on each tlsdate call - Integrate CrOS wakeup events: proxy changes, default network service change, power state/resume, etc - Integrate time continuity checking using MONOTONIC clocks versus REALTIME for all wake events - Integrate DBus support directly into the event loop to allow for message sending and signal receipt (e.g., dbus_announce) - Addition of DOT file for laying out event flows - Split off time setting to a privileged helper by having tlsdate pass back time_t - Added configure support for --enable-cros and libevent2 checking - Support dynamic proxy resolution for multiple sources - Fixed a NULL deref in source traversal - Added "sync type" and priority - Added DBus interface for SetTime, CanSetTime, LastSyncInfo methods. - Added "sync source" to the TimeUpdated signal - Updated existing unittests - Add seccomp filter for priv'd time setter - Added dynamic proxy per source so we can add a final source with no proxy. - Style consistency: "find ./ -name '*.[ch]' -exec astyle --style=gnu -xd \{\} \;" Followed by the same with sed -i -e 's/) )/))/g' - Added DBus policy and interface files and a new dbus-client-group configure argument. Design: https://docs.google.com/a/google.com/document/d/1U1y7KBMo-BgWPspzoyeO5gSmU6dMwEJBc2HNNkGMJzY/view - Outstanding work: new unit and integration tests BUG=chromium:271644 TEST=manually tested on x86_64, arm, and x86-32. end-to-end autotest: https://chromium-review.googlesource.com/#/c/169141/ fixed up existing autotests: https://chromium-review.googlesource.com/174782 Change-Id: I0d24951182a768532d6d04eea2224ac70cf04052 Reviewed-on: https://chromium-review.googlesource.com/169131 Reviewed-by: Kees Cook <keescook@chromium.org> Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org> Tested-by: Will Drewry <wad@chromium.org> Commit-Queue: Will Drewry <wad@chromium.org>
/external/tlsdate/src/util.h
|
aa04c0126a590fc9646d491151bcbfeed34ba693 |
|
24-Jun-2013 |
elly <elly@leptoquark.net> |
Refactor event loop. Refactor the event loop to be modular and testable. Also, add support for detecting corruption of the realtime clock, as can be caused by suspend/resume cycles without an rtc battery. The event loop is now driven by a tree of events, which are either sources (currently suspend/resume events, periodic events, and network route events) or composite events. Signed-off-by: Elly Fong-Jones <elly@leptoquark.net>
/external/tlsdate/src/util.h
|
691a39f31465c3118a31d3c8be580cbbaf603578 |
|
21-Jun-2013 |
elly <elly@leptoquark.net> |
Fix subprocess watching. Currently, the subprocess watching code polls with a delay between attempts. Instead, introduce wait_with_timeout() and use it, simplifying this code. Signed-off-by: Elly Fong-Jones <elly@leptoquark.net>
/external/tlsdate/src/util.h
|
f0f17b98fa4c2a5a20a255be4b631d9e3d8bf704 |
|
24-Apr-2013 |
Jacob Appelbaum <jacob@appelbaum.net> |
Add build support for Haiku and perhaps BeOS; needs testing
/external/tlsdate/src/util.h
|
a5e7fbb012f155b0a37c09e1c42989bc4988fce9 |
|
08-Jan-2013 |
Elly Fong-Jones <ellyjones@chromium.org> |
tlsdated: add dbus announcement support Announce over DBus whenever we change the system time. Change-Id: Ic6cbab5f703bebe489f513025336c53240ccce35 Signed-off-by: Elly Fong-Jones <ellyjones@chromium.org>
/external/tlsdate/src/util.h
|
a9e52fe816b570da68138394c4884c7db7171580 |
|
05-Nov-2012 |
Elly Fong-Jones <ellyjones@google.com> |
proxy-bio: Fix up buffer length handling logic. The buffer length was being badly mishandled such that if the returned hostname was 254 bytes long, we'd repeatedly read zero bytes and get stuck in an endless loop. There were also a bunch of places that would accept short reads/writes during protocol negotiation which have now been changed to only accept exact lengths. Signed-off-by: Elly Fong-Jones <ellyjones@chromium.org>
/external/tlsdate/src/util.h
|
b24f342311f93ff61a73ba4628dc173d09c50413 |
|
02-Nov-2012 |
Jacob Appelbaum <jacob@appelbaum.net> |
update verbose ints location
/external/tlsdate/src/util.h
|
c88a9f7f976f8495fcf27717a292bd1070828192 |
|
02-Nov-2012 |
Jacob Appelbaum <jacob@appelbaum.net> |
Move common functions to util.c and add verb() to proxy code
/external/tlsdate/src/util.h
|
8d751a0168e8c392df88327709e482f6d6375ccb |
|
30-Oct-2012 |
Jacob Appelbaum <jacob@appelbaum.net> |
retab for sanity
/external/tlsdate/src/util.h
|
6fb0d4b062af22e3576b8c48027710d10d764e34 |
|
06-Oct-2012 |
Elly Fong-Jones <elly@leptoquark.net> |
Add tlsdate-routeup and tlsdated. The tlsdate-routeup(1) helper program listens for new IP routes and emits output on stdout when a new route appears. The tlsdated(1) program runs tlsdate(1) as appropriate to maintain an accurate system clock; it tries once when the system comes up, then tries repeatedly whenever a new route appears until it succeeeds. After succeeding, tlsdated falls back to running tlsdate once a day to compensate for gradual clock drift. We also keep the rtc synchronized whenever we run tlsdate. Signed-off-by: Elly Jones <ellyjones@chromium.org> Reviewed-on: https://gerrit.chromium.org/gerrit/32959 Reviewed-by: Will Drewry <wad@chromium.org> Conflicts: src/Makefile.am
/external/tlsdate/src/util.h
|