[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1037196: bullseye-pu: package dbus/1.12.28-0+deb11u1



Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: dbus@packages.debian.org, debian-boot@lists.debian.org
Control: affects -1 + src:dbus

[ Reason ]
Fix a local denial of service for which the security team does not intend
to do a DSA (dbus#457, #1037151; CVE assignment pending).

[ Impact ]
While a sysadmin is using `dbus-monitor --system` or similar tools,
an unprivileged local user can cause denial of service by crashing the
`dbus-daemon --system`.

The new upstream release also fixes some smaller bugs:
- fix a denial of service that wasn't relevant for the way Debian compiles
  dbus (it was only a problem when assertions are enabled)
- an autopkgtest regression on Ubuntu kernels
- wrong upstream bug reporting URLs
- a documentation typo

[ Tests ]
Build-time tests and autopkgtests pass. There is new test coverage for the
denial of service, which was able to reproduce the bug. I also smoke-tested
this on a GNOME virtual machine; I already upgraded my real-hardware
systems to bookworm, so I can't directly test this on hardware.

[ Risks ]
It's a key package, so any regressions would be highly visible.

Technically dbus has udebs, although as noted in the similar bookworm
update request, they aren't directly useful for anything.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [ ] the issue is verified as fixed in unstable
      - intentionally not done yet due to the full freeze, because dbus
        has udebs

[ Changes ]
bus/connection.c: fix the denial of service, #1037151
dbus/dbus-connection{.c,-internal.h}: enablers for #1037151
dbus/dbus-string.c: fix a local denial of service if assertions are
    enabled in the dbus-daemon, which in Debian they are not
doc/dbus-api-design.duck: fix a typo in some sample code, not functionally
    significant
configure.ac, dbus/dbus-sysdeps-unix.c: update bug reporting URLs
AUTHORS, NEWS, configure.ac: release administrivia
test/data/dbus-installed-tests.aaprofile.in: make a test profile a little
    more permissive to fix an autopkgtest regression on Ubuntu kernels
test/data/valid-config-files, test/monitor.c: reproducer for the denial
    of service bug

    smcv
debdiff *.dsc | filterdiff -p1 -xaminclude_static.am -xMakefile.in -x'*/Makefile.in' -xconfigure

diffstat for dbus-1.12.24 dbus-1.12.28

 AUTHORS                                         |    4 +
 Makefile.in                                     |    2 
 NEWS                                            |   54 +++++++++++++++
 aminclude_static.am                             |    2 
 build-aux/ltmain.sh                             |    4 -
 bus/Makefile.in                                 |    2 
 bus/connection.c                                |   15 ++++
 configure                                       |   36 +++++-----
 configure.ac                                    |    6 -
 dbus/Makefile.in                                |    2 
 dbus/dbus-connection-internal.h                 |    2 
 dbus/dbus-connection.c                          |   11 ++-
 dbus/dbus-string.c                              |    2 
 dbus/dbus-sysdeps-unix.c                        |    2 
 debian/changelog                                |   13 +++
 doc/dbus-api-design.duck                        |    4 -
 test/Makefile.in                                |    2 
 test/data/dbus-installed-tests.aaprofile.in     |    4 +
 test/data/valid-config-files/forbidding.conf.in |    3 
 test/monitor.c                                  |   84 +++++++++++++++++++++---
 20 files changed, 212 insertions(+), 42 deletions(-)

diff -Nru dbus-1.12.24/AUTHORS dbus-1.12.28/AUTHORS
--- dbus-1.12.24/AUTHORS	2022-10-05 11:04:10.000000000 +0100
+++ dbus-1.12.28/AUTHORS	2023-06-06 14:00:50.000000000 +0100
@@ -40,6 +40,7 @@
 Daniel P. Berrange <dan@berrange.com>
 Daniel Reed <djr@redhat.com>
 Dan Williams <dcbw@redhat.com>
+Dave Jones <dave.jones@canonical.com>
 Dave Reisner <dreisner@archlinux.org>
 David King <dking@redhat.com>
 David Zeuthen <davidz@redhat.com>
@@ -65,6 +66,7 @@
 Havoc Pennington <hp@pobox.com>
 Havoc Pennington <hp@redhat.com>
 Hendrik Buschmeier <hbuschme@TechFak.Uni-Bielefeld.DE>
+hongjinghao <q1204531485@163.com>
 hyeric <eric.hyer@diehl.com>
 ilovezfs <ilovezfs@icloud.com>
 Ioan-Adrian Ratiu <adrian.ratiu@ni.com>
@@ -113,6 +115,7 @@
 Marc Brockschmidt <he@debian.org>
 Marc Mutz <marc@kdab.net>
 Marc Mutz <marc.mutz@kdab.com>
+Marco Trevisan (Treviño) <mail@3v1n0.net>
 Marcus Brinkmann <marcus.brinkmann@ruhr-uni-bochum.de>
 Mark Brand <mabrand@mabrand.nl>
 Mark McLoughlin <mark@skynet.ie>
@@ -215,6 +218,7 @@
 Wulf C. Krueger <philantrop@exherbo.org>
 Xan Lopez <xan@gnome.org>
 Yaakov Selkowitz <yselkowitz@users.sourceforge.net>
+Yen-Chin, Lee <coldnew.tw@gmail.com>
 Yiyang Fei <YiYang.Fei@barco.com>
 Zack Rusin <zack@kde.org>
 Илья А. Ткаченко <ilya.tkachenko@syncopate.ru>
diff -Nru dbus-1.12.24/build-aux/ltmain.sh dbus-1.12.28/build-aux/ltmain.sh
--- dbus-1.12.24/build-aux/ltmain.sh	2022-10-05 11:04:51.000000000 +0100
+++ dbus-1.12.28/build-aux/ltmain.sh	2023-06-06 12:05:06.000000000 +0100
@@ -31,7 +31,7 @@
 
 PROGRAM=libtool
 PACKAGE=libtool
-VERSION="2.4.7 Debian-2.4.7-4"
+VERSION="2.4.7 Debian-2.4.7-5"
 package_revision=2.4.7
 
 
@@ -2308,7 +2308,7 @@
        compiler:       $LTCC
        compiler flags: $LTCFLAGS
        linker:         $LD (gnu? $with_gnu_ld)
-       version:        $progname $scriptversion Debian-2.4.7-4
+       version:        $progname $scriptversion Debian-2.4.7-5
        automake:       `($AUTOMAKE --version) 2>/dev/null |$SED 1q`
        autoconf:       `($AUTOCONF --version) 2>/dev/null |$SED 1q`
 
diff -Nru dbus-1.12.24/bus/connection.c dbus-1.12.28/bus/connection.c
--- dbus-1.12.24/bus/connection.c	2020-02-20 12:24:25.000000000 +0000
+++ dbus-1.12.28/bus/connection.c	2023-06-06 14:00:50.000000000 +0100
@@ -2350,6 +2350,21 @@
   if (!dbus_message_set_sender (message, DBUS_SERVICE_DBUS))
     return FALSE;
 
+  /* Make sure the message has a non-zero serial number, otherwise
+   * bus_transaction_capture_error_reply() will not be able to mock up
+   * a corresponding reply for it. Normally this would be delayed until
+   * the first time we actually send the message out from a
+   * connection, when the transaction is committed, but that's too late
+   * in this case.
+   */
+  if (dbus_message_get_serial (message) == 0)
+    {
+      dbus_uint32_t next_serial;
+
+      next_serial = _dbus_connection_get_next_client_serial (connection);
+      dbus_message_set_serial (message, next_serial);
+    }
+
   if (bus_connection_is_active (connection))
     {
       if (!dbus_message_set_destination (message,
diff -Nru dbus-1.12.24/configure.ac dbus-1.12.28/configure.ac
--- dbus-1.12.24/configure.ac	2022-10-05 11:01:35.000000000 +0100
+++ dbus-1.12.28/configure.ac	2023-06-06 14:00:50.000000000 +0100
@@ -3,7 +3,7 @@
 
 m4_define([dbus_major_version], [1])
 m4_define([dbus_minor_version], [12])
-m4_define([dbus_micro_version], [24])
+m4_define([dbus_micro_version], [28])
 m4_define([dbus_version],
           [dbus_major_version.dbus_minor_version.dbus_micro_version])
 AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus])
@@ -42,7 +42,7 @@
 
 ## increment any time the source changes; set to
 ##  0 if you increment CURRENT
-LT_REVISION=15
+LT_REVISION=17
 
 ## increment if any interfaces have been added; set to 0
 ## if any interfaces have been changed or removed. removal has
@@ -845,7 +845,7 @@
 save_libs="$LIBS"
 LIBS="$LIBS $THREAD_LIBS"
 
-is_missing_pthread_function="is required when compiling D-Bus on Unix platforms, but is not in your libc or libpthread. Please open a bug on https://bugs.freedesktop.org/enter_bug.cgi?product=dbus with details of your platform."
+is_missing_pthread_function="is required when compiling D-Bus on Unix platforms, but is not in your libc or libpthread. Please open a bug on https://gitlab.freedesktop.org/dbus/dbus/-/issues/new with details of your platform."
 
 # Don't do these automatic checks if the user set THREAD_LIBS on the
 # configure command-line. If they did, we assume they're right.
diff -Nru dbus-1.12.24/dbus/dbus-connection.c dbus-1.12.28/dbus/dbus-connection.c
--- dbus-1.12.24/dbus/dbus-connection.c	2018-02-08 14:07:21.000000000 +0000
+++ dbus-1.12.28/dbus/dbus-connection.c	2023-06-06 14:00:50.000000000 +0100
@@ -1456,7 +1456,16 @@
     _dbus_connection_last_unref (connection);
 }
 
-static dbus_uint32_t
+/**
+ * Allocate and return the next non-zero serial number for outgoing messages.
+ *
+ * This method is only valid to call from single-threaded code, such as
+ * the dbus-daemon, or with the connection lock held.
+ *
+ * @param connection the connection
+ * @returns A suitable serial number for the next message to be sent on the connection.
+ */
+dbus_uint32_t
 _dbus_connection_get_next_client_serial (DBusConnection *connection)
 {
   dbus_uint32_t serial;
diff -Nru dbus-1.12.24/dbus/dbus-connection-internal.h dbus-1.12.28/dbus/dbus-connection-internal.h
--- dbus-1.12.24/dbus/dbus-connection-internal.h	2017-10-30 12:26:18.000000000 +0000
+++ dbus-1.12.28/dbus/dbus-connection-internal.h	2023-06-06 14:00:50.000000000 +0100
@@ -54,6 +54,8 @@
 DBusConnection *  _dbus_connection_ref_unlocked                (DBusConnection     *connection);
 DBUS_PRIVATE_EXPORT
 void              _dbus_connection_unref_unlocked              (DBusConnection     *connection);
+DBUS_PRIVATE_EXPORT
+dbus_uint32_t     _dbus_connection_get_next_client_serial      (DBusConnection *connection);
 void              _dbus_connection_queue_received_message_link (DBusConnection     *connection,
                                                                 DBusList           *link);
 dbus_bool_t       _dbus_connection_has_messages_to_send_unlocked (DBusConnection     *connection);
diff -Nru dbus-1.12.24/dbus/dbus-string.c dbus-1.12.28/dbus/dbus-string.c
--- dbus-1.12.24/dbus/dbus-string.c	2017-10-30 12:26:18.000000000 +0000
+++ dbus-1.12.28/dbus/dbus-string.c	2023-02-08 11:40:58.000000000 +0000
@@ -1818,7 +1818,7 @@
       ++i;
     }
 
-  _dbus_assert (i == real->len || !DBUS_IS_ASCII_WHITE (real->str[i]));
+  _dbus_assert (i == real->len || !DBUS_IS_ASCII_BLANK (real->str[i]));
   
   if (end)
     *end = i;
diff -Nru dbus-1.12.24/dbus/dbus-sysdeps-unix.c dbus-1.12.28/dbus/dbus-sysdeps-unix.c
--- dbus-1.12.24/dbus/dbus-sysdeps-unix.c	2021-12-17 12:55:33.000000000 +0000
+++ dbus-1.12.28/dbus/dbus-sysdeps-unix.c	2023-02-08 11:41:48.000000000 +0000
@@ -2217,7 +2217,7 @@
 #else /* no supported mechanism */
 
 #warning Socket credentials not supported on this Unix OS
-#warning Please tell https://bugs.freedesktop.org/enter_bug.cgi?product=DBus
+#warning Please tell https://gitlab.freedesktop.org/dbus/dbus/-/issues/new
 
     /* Please add other operating systems known to support at least one of
      * the mechanisms above to this list, keeping alphabetical order.
diff -Nru dbus-1.12.24/debian/changelog dbus-1.12.28/debian/changelog
--- dbus-1.12.24/debian/changelog	2022-10-05 12:04:31.000000000 +0100
+++ dbus-1.12.28/debian/changelog	2023-06-06 15:07:35.000000000 +0100
@@ -1,3 +1,16 @@
+dbus (1.12.28-0+deb11u1) bullseye; urgency=medium
+
+  * New upstream stable release 1.12.26
+    - Fixes a denial of service issue that is not relevant for the way
+      we compile dbus in Debian
+  * New upstream stable release 1.12.28
+    - Fixes a denial of service issue if the root or messagebus user is
+      monitoring messages on the system bus with the Monitoring interface
+      (dbus-monitor, busctl monitor, gdbus monitor or similar)
+      (Closes: #1037151)
+
+ -- Simon McVittie <smcv@debian.org>  Tue, 06 Jun 2023 15:07:35 +0100
+
 dbus (1.12.24-0+deb11u1) bullseye-security; urgency=medium
 
   * New upstream stable release 1.12.22
diff -Nru dbus-1.12.24/doc/dbus-api-design.duck dbus-1.12.28/doc/dbus-api-design.duck
--- dbus-1.12.24/doc/dbus-api-design.duck	2018-02-08 14:13:45.000000000 +0000
+++ dbus-1.12.28/doc/dbus-api-design.duck	2023-06-06 10:36:54.000000000 +0100
@@ -320,7 +320,7 @@
     -->
     <signal name="ProgressNotification">
       <arg name="progress_message" type="s" />
-    </method>
+    </signal>
 
   The progress should be reported as an enumerated value:
   [code style="valid" mime="application/xml"]
@@ -335,7 +335,7 @@
     -->
     <signal name="ProgressNotification">
       <arg name="progress_state" type="u" />
-    </method>
+    </signal>
 
 D-Bus has none of the problems of signed versus unsigned integers which C has
 (specifically, it does not do implicit sign conversion), so integer types should
diff -Nru dbus-1.12.24/NEWS dbus-1.12.28/NEWS
--- dbus-1.12.24/NEWS	2022-10-05 11:01:46.000000000 +0100
+++ dbus-1.12.28/NEWS	2023-06-06 14:00:50.000000000 +0100
@@ -1,3 +1,57 @@
+dbus 1.12.x branch
+==================
+
+The dbus 1.12.x branch was originally released in 2017, and is maintained
+for the benefit of long-term-support OS distributions such as Debian.
+It is planned to reach end-of-life status at the end of Debian 11
+mainstream security support, in mid 2024. After it reaches end-of-life
+there will be no more 1.12.x releases, even if new security issues
+are discovered.
+
+dbus 1.12.28 (2023-06-06)
+=========================
+
+Denial-of-service fixes:
+
+• Fix an assertion failure in dbus-daemon when a privileged Monitoring
+  connection (dbus-monitor, busctl monitor, gdbus monitor or similar)
+  is active, and a message from the bus driver cannot be delivered to a
+  client connection due to <deny> rules or outgoing message quota. This
+  is a denial of service if triggered maliciously by a local attacker.
+  (dbus#457; hongjinghao, Simon McVittie)
+
+Other fixes:
+
+• Documentation:
+  · Fix syntax of a code sample in dbus-api-design
+    (dbus!396; Yen-Chin, Lee)
+
+Tests and CI enhancements:
+
+• Fix CI pipelines after freedesktop/freedesktop#540
+  (dbus!405, dbus#456; Simon McVittie)
+
+dbus 1.12.26 (2023-02-08)
+=========================
+
+Denial of service fixes:
+
+• Fix an incorrect assertion that could be used to crash dbus-daemon or
+  other users of DBusServer prior to authentication, if libdbus was compiled
+  with assertions enabled.
+  We recommend that production builds of dbus, for example in OS distributions,
+  should be compiled with checks but without assertions.
+  (dbus#421, Ralf Habacker; thanks to Evgeny Vereshchagin)
+
+Other fixes:
+
+• Documentation:
+  · Consistently use Gitlab bug reporting URL (dbus!372, Marco Trevisan)
+
+• Tests fixes:
+  · Fix the test-apparmor-activation test after dbus#416
+    (dbus!380, Dave Jones)
+
 dbus 1.12.24 (2022-10-05)
 =========================
 
diff -Nru dbus-1.12.24/test/data/dbus-installed-tests.aaprofile.in dbus-1.12.28/test/data/dbus-installed-tests.aaprofile.in
--- dbus-1.12.24/test/data/dbus-installed-tests.aaprofile.in	2017-10-30 12:26:18.000000000 +0000
+++ dbus-1.12.28/test/data/dbus-installed-tests.aaprofile.in	2023-02-08 11:41:44.000000000 +0000
@@ -32,6 +32,7 @@
   # We aren't really confining this process seriously; allow most things.
   /** mrix,
   /tmp/dbus-daemon-test.*/{,**} w,
+  /tmp/dbus-* w,
   @{sys}/kernel/security/apparmor/** w,
   dbus (send, receive, bind),
   network,
@@ -44,6 +45,7 @@
     #include <abstractions/base>
 
     /** mrix,
+    /tmp/dbus-* w,
     @{sys}/kernel/security/apparmor/** w,
     dbus (send, receive, bind),
     network,
@@ -62,6 +64,7 @@
     #include <abstractions/base>
 
     /** mrix,
+    /tmp/dbus-* w,
     @{sys}/kernel/security/apparmor/** w,
     dbus,
     network,
@@ -88,6 +91,7 @@
     #include <abstractions/base>
 
     /** mrix,
+    /tmp/dbus-* w,
     @{sys}/kernel/security/apparmor/** w,
     dbus (send, receive, bind),
     network,
diff -Nru dbus-1.12.24/test/data/valid-config-files/forbidding.conf.in dbus-1.12.28/test/data/valid-config-files/forbidding.conf.in
--- dbus-1.12.24/test/data/valid-config-files/forbidding.conf.in	2017-10-30 12:26:18.000000000 +0000
+++ dbus-1.12.28/test/data/valid-config-files/forbidding.conf.in	2023-06-06 14:00:50.000000000 +0100
@@ -24,5 +24,8 @@
     <allow send_interface="com.example.CannotUnicast2" send_broadcast="true"/>
 
     <deny receive_interface="com.example.CannotReceive"/>
+
+    <!-- Used to reproduce dbus#457 -->
+    <deny receive_interface="org.freedesktop.DBus" receive_member="NameAcquired"/>
   </policy>
 </busconfig>
diff -Nru dbus-1.12.24/test/monitor.c dbus-1.12.28/test/monitor.c
--- dbus-1.12.24/test/monitor.c	2018-06-04 17:52:18.000000000 +0100
+++ dbus-1.12.28/test/monitor.c	2023-06-06 14:00:50.000000000 +0100
@@ -155,6 +155,21 @@
     TRUE
 };
 
+static dbus_bool_t
+config_forbids_name_acquired_signal (const Config *config)
+{
+  if (config == NULL)
+    return FALSE;
+
+  if (config->config_file == NULL)
+    return FALSE;
+
+  if (strcmp (config->config_file, forbidding_config.config_file) == 0)
+    return TRUE;
+
+  return FALSE;
+}
+
 static inline const char *
 not_null2 (const char *x,
     const char *fallback)
@@ -196,6 +211,10 @@
       not_null (dbus_message_get_signature (m)));
   g_test_message ("\terror name: %s",
       not_null (dbus_message_get_error_name (m)));
+  g_test_message ("\tserial number: %u",
+      dbus_message_get_serial (m));
+  g_test_message ("\tin reply to: %u",
+      dbus_message_get_reply_serial (m));
 
   if (strcmp ("s", dbus_message_get_signature (m)) == 0)
     {
@@ -249,9 +268,6 @@
 
 #define assert_name_acquired(m) \
 do { \
-  DBusError _e = DBUS_ERROR_INIT; \
-  const char *_s; \
-    \
   g_assert_cmpstr (dbus_message_type_to_string (dbus_message_get_type (m)), \
       ==, dbus_message_type_to_string (DBUS_MESSAGE_TYPE_SIGNAL)); \
   g_assert_cmpstr (dbus_message_get_sender (m), ==, DBUS_SERVICE_DBUS); \
@@ -261,7 +277,14 @@
   g_assert_cmpstr (dbus_message_get_signature (m), ==, "s"); \
   g_assert_cmpint (dbus_message_get_serial (m), !=, 0); \
   g_assert_cmpint (dbus_message_get_reply_serial (m), ==, 0); \
+} while (0)
+
+#define assert_unique_name_acquired(m) \
+do { \
+  DBusError _e = DBUS_ERROR_INIT; \
+  const char *_s; \
     \
+  assert_name_acquired (m); \
   dbus_message_get_args (m, &_e, \
         DBUS_TYPE_STRING, &_s, \
         DBUS_TYPE_INVALID); \
@@ -329,6 +352,21 @@
   g_assert_cmpint (dbus_message_get_reply_serial (m), !=, 0); \
 } while (0)
 
+/* forbidding.conf does not allow receiving NameAcquired, so if we are in
+ * that configuration, then dbus-daemon synthesizes an error reply to itself
+ * and sends that to monitors */
+#define expect_name_acquired_error(queue, in_reply_to) \
+do { \
+  DBusMessage *message; \
+  \
+  message = g_queue_pop_head (queue); \
+  assert_error_reply (message, DBUS_SERVICE_DBUS, DBUS_SERVICE_DBUS, \
+                      DBUS_ERROR_ACCESS_DENIED); \
+  g_assert_cmpint (dbus_message_get_reply_serial (message), ==, \
+                   dbus_message_get_serial (in_reply_to)); \
+  dbus_message_unref (message); \
+} while (0)
+
 /* This is called after processing pending replies to our own method
  * calls, but before anything else.
  */
@@ -339,6 +377,9 @@
 {
   Fixture *f = user_data;
 
+  g_test_message ("Monitor received message:");
+  log_message (message);
+
   g_assert_cmpstr (dbus_message_get_interface (message), !=,
       "com.example.Tedious");
 
@@ -790,6 +831,11 @@
   test_assert_no_error (&f->e);
   g_assert_cmpint (ret, ==, DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER);
 
+  /* If the policy forbids receiving NameAcquired, then we'll never
+   * receive it, so behave as though we had */
+  if (config_forbids_name_acquired_signal (f->config))
+    got_unique = got_a = got_b = got_c = TRUE;
+
   while (!got_unique || !got_a || !got_b || !got_c)
     {
       if (g_queue_is_empty (&f->monitored))
@@ -1441,6 +1487,7 @@
 {
   DBusMessage *m;
   int res;
+  size_t n_expected;
 
   if (f->address == NULL)
     return;
@@ -1456,7 +1503,12 @@
   test_assert_no_error (&f->e);
   g_assert_cmpint (res, ==, DBUS_RELEASE_NAME_REPLY_RELEASED);
 
-  while (g_queue_get_length (&f->monitored) < 8)
+  n_expected = 8;
+
+  if (config_forbids_name_acquired_signal (context))
+    n_expected += 1;
+
+  while (g_queue_get_length (&f->monitored) < n_expected)
     test_main_context_iterate (f->ctx, TRUE);
 
   m = g_queue_pop_head (&f->monitored);
@@ -1469,10 +1521,12 @@
       "NameOwnerChanged", "sss", NULL);
   dbus_message_unref (m);
 
-  /* FIXME: should we get this? */
   m = g_queue_pop_head (&f->monitored);
-  assert_signal (m, DBUS_SERVICE_DBUS, DBUS_PATH_DBUS, DBUS_INTERFACE_DBUS,
-      "NameAcquired", "s", f->sender_name);
+  assert_name_acquired (m);
+
+  if (config_forbids_name_acquired_signal (f->config))
+    expect_name_acquired_error (&f->monitored, m);
+
   dbus_message_unref (m);
 
   m = g_queue_pop_head (&f->monitored);
@@ -1694,8 +1748,14 @@
 expect_new_connection (Fixture *f)
 {
   DBusMessage *m;
+  size_t n_expected;
 
-  while (g_queue_get_length (&f->monitored) < 4)
+  n_expected = 4;
+
+  if (config_forbids_name_acquired_signal (f->config))
+    n_expected += 1;
+
+  while (g_queue_get_length (&f->monitored) < n_expected)
     test_main_context_iterate (f->ctx, TRUE);
 
   m = g_queue_pop_head (&f->monitored);
@@ -1712,7 +1772,11 @@
   dbus_message_unref (m);
 
   m = g_queue_pop_head (&f->monitored);
-  assert_name_acquired (m);
+  assert_unique_name_acquired (m);
+
+  if (config_forbids_name_acquired_signal (f->config))
+    expect_name_acquired_error (&f->monitored, m);
+
   dbus_message_unref (m);
 }
 
@@ -2037,6 +2101,8 @@
       setup, test_method_call, teardown);
   g_test_add ("/monitor/forbidden-method", Fixture, &forbidding_config,
       setup, test_forbidden_method_call, teardown);
+  g_test_add ("/monitor/forbidden-reply", Fixture, &forbidding_config,
+      setup, test_dbus_daemon, teardown);
   g_test_add ("/monitor/dbus-daemon", Fixture, NULL,
       setup, test_dbus_daemon, teardown);
   g_test_add ("/monitor/selective", Fixture, &selective_config,

Reply to: