tree-wide: remove Emacs lines from all files This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.

tests: fix memory leak in test-bus-marshal Fixes: ``` $ ./configure ... --enable-dbus $ make $ make valgrind-tests TESTS=test-bus-marshal ... ==25301== 51 bytes in 1 blocks are definitely lost in loss record 7 of 18 ==25301== at 0x4C2DD9F: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==25301== by 0x5496B8C: ??? (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x54973E3: _dbus_string_append_printf_valist (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x547E5C2: _dbus_set_error_valist (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x547E73E: dbus_set_error (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x548969A: dbus_message_demarshal (in /lib/x86_64-linux-gnu/libdbus-1.so.3.14.3) ==25301== by 0x115C1A: main (test-bus-marshal.c:244) ==25301== ```

tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy GLIB has recently started to officially support the gcc cleanup attribute in its public API, hence let's do the same for our APIs. With this patch we'll define an xyz_unrefp() call for each public xyz_unref() call, to make it easy to use inside a __attribute__((cleanup())) expression. Then, all code is ported over to make use of this. The new calls are also documented in the man pages, with examples how to use them (well, I only added docs where the _unref() call itself already had docs, and the examples, only cover sd_bus_unrefp() and sd_event_unrefp()). This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we tend to call our destructors these days. Note that this defines no public macro that wraps gcc's attribute and makes it easier to use. While I think it's our duty in the library to make our stuff easy to use, I figure it's not our duty to make gcc's own features easy to use on its own. Most likely, client code which wants to make use of this should define its own: #define _cleanup_(function) __attribute__((cleanup(function))) Or similar, to make the gcc feature easier to use. Making this logic public has the benefit that we can remove three header files whose only purpose was to define these functions internally. See #2008.

tree-wide: sort includes Sort the includes accoding to the new coding style.

util-lib: split out allocation calls into alloc-util.[ch]

util-lib: split out hex/dec/oct encoding/decoding into its own file

util-lib: split out fd-related operations into fd-util.[ch] There are more than enough to deserve their own .c file, hence move them over.

util-lib: split our string related calls from util.[ch] into its own file string-util.[ch] There are more than enough calls doing string manipulations to deserve its own files, hence do something about it. This patch also sorts the #include blocks of all files that needed to be updated, according to the sorting suggestions from CODING_STYLE. Since pretty much every file needs our string manipulation functions this effectively means that most files have sorted #include blocks now. Also touches a few unrelated include files.

sd-bus: add sd_bus_path_{encode,decode}_many() This introduces two new helpers alongside sd_bus_path_{encode,decode}(), which work similarly to their counterparts, but accept a format-string as input. This allows encoding and decoding multiple labels of a format string at the same time.

sd-bus: don't assert() on valid signatures Right now sd_bus_message_skip() will abort execution if passed a signature of the unary type "()". Regardless whether this should be supported or not, we really must not abort. Drop the incorrect assertion and add a test-case for this.

sd-bus: fix invalid stack access on test-bus-marshal Make sure we actually parse "unsigned long long" if we encode a uint64_t. Otherwise, we will get random data from the stack.

sd-bus: fix gvariant structure encoding In gvariant, all fixed-size objects need to be sized a multiple of their alignment. If a structure has only fixed-size members, it is required to be fixed size itself. If you imagine a structure like (ty), you have an 8-byte member followed by an 1-byte member. Hence, the overall inner-size is 9. The alignment of the object is 8, though. Therefore, the specs mandates final padding after fixed-size structures, to make sure it's sized a multiple of its alignment (=> 16). On the gvariant decoder side, we already account for this in bus_gvariant_get_size(), as we apply overall padding to the size of the structure. Therefore, our decoder correctly skips such final padding when parsing fixed-size structure. On the gvariant encoder side, however, we don't account for this final padding. This patch fixes the structure and dict-entry encoders to properly place such padding at the end of non-uniform fixed-size structures. The problem can be easily seen by running: $ busctl --user monitor and $ busctl call --user org.freedesktop.systemd1 / org.foobar foobar "(ty)" 777 8 The monitor will fail to parse the message and print an error. With this patch applied, everything works fine again. This patch also adds a bunch of test-cases to force non-uniform structures with non-pre-aligned positions. Thanks to Jan Alexander Steffens <jan.steffens@gmail.com> for spotting this and narrowing it down to non-uniform gvariant structures. Fixes #597.

sd-bus: remove ucred parameter from bus_message_from_header() since we don't use it anymore

bus: implement bus_path_{en,de}code_unique() Whenever we provide a bus API that allows clients to create and manage server-side objects, we need to provide a unique name for these objects. There are two ways to provide them: 1) Let the server choose a name and return it as method reply. 2) Let the client pass its name of choice in the method arguments. The first method is the easiest one to implement. However, it suffers from a race condition: If a client creates an object asynchronously, it cannot destroy that object until it received the method reply. It cannot know the name of the new object, thus, it cannot destroy it. Furthermore, this method enforces a round-trip. If the client _depends_ on the method call to succeed (eg., it would close() the connection if it failed), the client usually has no reason to wait for the method reply. Instead, the client can immediately schedule further method calls on the newly created object (in case the API guarantees in-order method-call handling). The second method fixes both problems: The client passes an object name with the method-call. The server uses it to create the object. Therefore, the client can schedule object destruction even if the object-creation hasn't finished, yet (again, requiring in-order method-call handling). Furthermore, the client can schedule further method calls on the newly created object, before the constructor returned. There're two problems to solve, though: 1) Object names are usually defined via dbus object paths, which are usually globally namespaced. Therefore, multiple clients must be able to choose unique object names without interference. 2) If multiple libraries share the same bus connection, they must be able to choose unique object names without interference. The first problem is solved easily by prefixing a name with the unique-bus-name of a connection. The server side must enforce this and reject any other name. The second problem is solved by providing unique suffixes from within sd-bus. As long as sd-bus always returns a fresh new ID, if requested, multiple libraries will never interfere. This implementation re-uses bus->cookie as ID generator, which already provides unique IDs for each bus connection. This patch introduces two new helpers: bus_path_encode_unique(sd_bus *bus, const char *prefix, const char *sender_id, const char *external_id, char **ret_path); This creates a new object-path via the template '/prefix/sender_id/external_id'. That is, it appends two new labels to the given prefix. If 'sender_id' is NULL, it will use bus->unique_name, if 'external_id' is NULL, it will allocate a fresh, unique cookie from bus->cookie. bus_path_decode_unique(const char *path, const char *prefix, char **ret_sender, char **ret_external); This reverses what bus_path_encode_unique() did. It parses 'path' from the template '/prefix/sender/external' and returns both suffix-labels in 'ret_sender' and 'ret_external'. In case the template does not match, 0 is returned and both output arguments are set to NULL. Otherwise, 1 is returned and the output arguments contain the decoded labels. Note: Client-side allocated IDs are inspired by the Wayland protocol (which itself was inspired by X11). Wayland uses those IDs heavily to avoid round-trips. Clients can create server-side objects and send method calls without any round-trip and waiting for any object IDs to be returned. But unlike Wayland, DBus uses gobally namespaced object names. Therefore, we have to add the extra step by adding the unique-name of the bus connection.

remove unused includes This patch removes includes that are not used. The removals were found with include-what-you-use which checks if any of the symbols from a header is in use.

sd-bus: fix handling of double parameters in sd_bus_message_append() We really need to use va_arg() with the right type here as uint64_t and double might have the same size, but are passed differently as arguments.

busctl: introduce busctl "get-property" command for reading and dumping object properties

sd-bus: don't allow creating message objects that are not attached to a bus It seems unnecessary to support this, and we rather should avoid allowing this at all, so that people don't program against this sloppily and we end up remarshalling all the time...

Remove unnecessary casts in printfs No functional change expected :)

bus: replace sd_bus_label_{escape,unescape}() by new sd_bus_path_{encode,decode}() The new calls work similarly, but enforce a that a common, fixed bus path prefix is used. This follows discussions with Simon McVittie on IRC that it should be a good idea to make sure that people don't use the escaping applied here too wildly as anything other than the last label of a bus path.

man: describe functions for appending to messages

api: in constructor function calls, always put the returned object pointer first (or second) Previously the returned object of constructor functions where sometimes returned as last, sometimes as first and sometimes as second parameter. Let's clean this up a bit. Here are the new rules: 1. The object the new object is derived from is put first, if there is any 2. The object we are creating will be returned in the next arguments 3. This is followed by any additional arguments Rationale: For functions that operate on an object we always put that object first. Constructors should probably not be too different in this regard. Also, if the additional parameters might want to use varargs which suggests to put them last. Note that this new scheme only applies to constructor functions, not to all other functions. We do give a lot of freedom for those. Note that this commit only changes the order of the new functions we added, for old ones we accept the wrong order and leave it like that.

libsystemd: split up into subdirs We still only produce on .so, but let's keep the sources separate to make things a bit less messy.