dbus/dbus dbus-auth-script.c, 1.13, 1.14 dbus-auth.c, 1.33,
1.34 dbus-transport-unix.c, 1.35, 1.36 dbus-transport.c, 1.37, 1.38
Kristian Hogsberg
krh at pdx.freedesktop.org
Mon May 17 16:34:57 PDT 2004
Update of /cvs/dbus/dbus/dbus
In directory pdx:/tmp/cvs-serv13777/dbus
Modified Files:
dbus-auth-script.c dbus-auth.c dbus-transport-unix.c
dbus-transport.c
Log Message:
* dbus/dbus-auth.c (client_try_next_mechanism): Remove logic to
filter against auth->allowed_mechs; we only add allowed mechs in
record_mechanisms().
* dbus/dbus-auth-script.c (_dbus_auth_script_run): Add an
ALLOWED_MECHS to auth-script format so we can set the list of
allowed mechanisms.
* data/auth/client-out-of-mechanisms.auth-script: New test to
check client disconnects when it is out of mechanisms to try.
* dbus/dbus-auth.c (process_command): Remove check for lines
longer that 1 MB; we only buffer up maximum 16 kB.
* dbus/dbus-transport.c, dbus/dbus-transport-unix.c,
dbus/dbus-auth-script.c, dbus/dbus-auth.c, dbus/dbus-auth.h:
Remove auth state AUTHENTICATED_WITH_UNUSED_BYTES, instead always
assume there might be unused bytes.
* dbus/dbus-auth.c (_dbus_auth_do_work): Remove check for
client-out-of-mechs, it is handled in process_reject(). Move check
for max failures to send_rejected(), as it's a server-only thing.
Index: dbus-auth-script.c
===================================================================
RCS file: /cvs/dbus/dbus/dbus/dbus-auth-script.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -d -r1.13 -r1.14
--- a/dbus-auth-script.c 17 May 2004 22:19:04 -0000 1.13
+++ b/dbus-auth-script.c 17 May 2004 23:34:55 -0000 1.14
@@ -141,8 +141,6 @@
return DBUS_AUTH_STATE_HAVE_BYTES_TO_SEND;
else if (_dbus_string_starts_with_c_str (str, "NEED_DISCONNECT"))
return DBUS_AUTH_STATE_NEED_DISCONNECT;
- else if (_dbus_string_starts_with_c_str (str, "AUTHENTICATED_WITH_UNUSED_BYTES"))
- return DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES;
else if (_dbus_string_starts_with_c_str (str, "AUTHENTICATED"))
return DBUS_AUTH_STATE_AUTHENTICATED;
else
@@ -162,8 +160,6 @@
return "HAVE_BYTES_TO_SEND";
case DBUS_AUTH_STATE_NEED_DISCONNECT:
return "NEED_DISCONNECT";
- case DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES:
- return "AUTHENTICATED_WITH_UNUSED_BYTES";
case DBUS_AUTH_STATE_AUTHENTICATED:
return "AUTHENTICATED";
}
@@ -171,6 +167,49 @@
return "unknown";
}
+static char **
+split_string (DBusString *str)
+{
+ int i, j, k, count, end;
+ char **array;
+
+ end = _dbus_string_get_length (str);
+
+ i = 0;
+ _dbus_string_skip_blank (str, i, &i);
+ for (count = 0; i < end; count++)
+ {
+ _dbus_string_find_blank (str, i, &i);
+ _dbus_string_skip_blank (str, i, &i);
+ }
+
+ array = dbus_new0 (char *, count + 1);
+ if (array == NULL)
+ return NULL;
+
+ i = 0;
+ _dbus_string_skip_blank (str, i, &i);
+ for (k = 0; k < count; k++)
+ {
+ _dbus_string_find_blank (str, i, &j);
+
+ array[k] = dbus_malloc (j - i + 1);
+ if (array[k] == NULL)
+ {
+ dbus_free_string_array (array);
+ return NULL;
+ }
+ memcpy (array[k],
+ _dbus_string_get_const_data_len (str, i, j - i), j - i);
+ array[k][j - i] = '\0';
+
+ _dbus_string_skip_blank (str, j, &i);
+ }
+ array[k] = NULL;
+
+ return array;
+}
+
/**
* Runs an "auth script" which is a script for testing the
* authentication protocol. Scripts send and receive data, and then
@@ -336,6 +375,16 @@
_dbus_auth_set_credentials (auth, &creds);
}
else if (_dbus_string_starts_with_c_str (&line,
+ "ALLOWED_MECHS"))
+ {
+ char **mechs;
+
+ _dbus_string_delete_first_word (&line);
+ mechs = split_string (&line);
+ _dbus_auth_set_mechanisms (auth, (const char **) mechs);
+ dbus_free_string_array (mechs);
+ }
+ else if (_dbus_string_starts_with_c_str (&line,
"SEND"))
{
DBusString to_send;
@@ -605,10 +654,17 @@
}
if (auth != NULL &&
- state == DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES)
+ state == DBUS_AUTH_STATE_AUTHENTICATED)
{
- _dbus_warn ("did not expect unused bytes (scripts must specify explicitly if they are expected)\n");
- goto out;
+ const DBusString *unused;
+
+ _dbus_auth_get_unused_bytes (auth, &unused);
+
+ if (_dbus_string_get_length (unused) > 0)
+ {
+ _dbus_warn ("did not expect unused bytes (scripts must specify explicitly if they are expected)\n");
+ goto out;
+ }
}
if (_dbus_string_get_length (&from_auth) > 0)
Index: dbus-auth.c
===================================================================
RCS file: /cvs/dbus/dbus/dbus/dbus-auth.c,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -d -r1.33 -r1.34
--- a/dbus-auth.c 17 May 2004 23:09:37 -0000 1.33
+++ b/dbus-auth.c 17 May 2004 23:34:55 -0000 1.34
@@ -1274,6 +1274,9 @@
server_auth = DBUS_AUTH_SERVER (auth);
server_auth->failures += 1;
+ if (server_auth->failures >= server_auth->max_failures)
+ auth->need_disconnect = TRUE;
+
_dbus_string_free (&command);
return TRUE;
@@ -1605,34 +1608,15 @@
DBusAuthClient *client;
client = DBUS_AUTH_CLIENT (auth);
-
- /* Pop any mechs not in the list of allowed mechanisms */
- mech = NULL;
- while (client->mechs_to_try != NULL)
- {
- mech = client->mechs_to_try->data;
- if (auth->allowed_mechs != NULL &&
- !_dbus_string_array_contains ((const char**) auth->allowed_mechs,
- mech->mechanism))
- {
- /* don't try this one after all */
- _dbus_verbose ("%s: Mechanism %s isn't in the list of allowed mechanisms\n",
- DBUS_AUTH_NAME (auth), mech->mechanism);
- mech = NULL;
- _dbus_list_pop_first (& client->mechs_to_try);
- }
- else
- break; /* we'll try this one */
- }
-
- if (mech == NULL)
- return FALSE;
+ _dbus_assert (client->mechs_to_try != NULL);
+
+ mech = client->mechs_to_try->data;
if (!send_auth (auth, mech))
return FALSE;
- _dbus_list_pop_first (& DBUS_AUTH_CLIENT (auth)->mechs_to_try);
+ _dbus_list_pop_first (&client->mechs_to_try);
_dbus_verbose ("%s: Trying mechanism %s\n",
DBUS_AUTH_NAME (auth),
@@ -1662,6 +1646,8 @@
else
{
/* Give up */
+ _dbus_verbose ("%s: Disconnecting because we are out of mechanisms to try using\n",
+ DBUS_AUTH_NAME (auth));
auth->need_disconnect = TRUE;
}
@@ -1793,15 +1779,6 @@
return FALSE;
}
- if (eol > _DBUS_ONE_MEGABYTE)
- {
- /* This is a giant line, someone is trying to hose us. */
- if (!send_error (auth, "Command too long"))
- goto out;
- else
- goto next_command;
- }
-
if (!_dbus_string_copy_len (&auth->incoming, 0, eol, &command, 0))
goto out;
@@ -2061,33 +2038,13 @@
DBUS_AUTH_NAME (auth));
break;
}
-
- if (auth->mech == NULL &&
- auth->already_got_mechanisms &&
- DBUS_AUTH_CLIENT (auth)->mechs_to_try == NULL)
- {
- auth->need_disconnect = TRUE;
- _dbus_verbose ("%s: Disconnecting because we are out of mechanisms to try using\n",
- DBUS_AUTH_NAME (auth));
- break;
- }
}
while (process_command (auth));
- if (DBUS_AUTH_IS_SERVER (auth) &&
- DBUS_AUTH_SERVER (auth)->failures >=
- DBUS_AUTH_SERVER (auth)->max_failures)
- auth->need_disconnect = TRUE;
-
if (auth->need_disconnect)
return DBUS_AUTH_STATE_NEED_DISCONNECT;
else if (auth->authenticated)
- {
- if (_dbus_string_get_length (&auth->incoming) > 0)
- return DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES;
- else
- return DBUS_AUTH_STATE_AUTHENTICATED;
- }
+ return DBUS_AUTH_STATE_AUTHENTICATED;
else if (auth->needed_memory)
return DBUS_AUTH_STATE_WAITING_FOR_MEMORY;
else if (_dbus_string_get_length (&auth->outgoing) > 0)
Index: dbus-transport-unix.c
===================================================================
RCS file: /cvs/dbus/dbus/dbus/dbus-transport-unix.c,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -d -r1.35 -r1.36
--- a/dbus-transport-unix.c 19 Apr 2004 22:09:55 -0000 1.35
+++ b/dbus-transport-unix.c 17 May 2004 23:34:55 -0000 1.36
@@ -373,13 +373,6 @@
do_io_error (transport);
break;
- case DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES:
- _dbus_verbose (" %s auth state: auth with unused bytes\n",
- TRANSPORT_SIDE (transport));
- /* We'll recover the unused bytes in dbus-transport.c */
- goto out;
- break;
-
case DBUS_AUTH_STATE_AUTHENTICATED:
_dbus_verbose (" %s auth state: authenticated\n",
TRANSPORT_SIDE (transport));
Index: dbus-transport.c
===================================================================
RCS file: /cvs/dbus/dbus/dbus/dbus-transport.c,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -d -r1.37 -r1.38
--- a/dbus-transport.c 2 Dec 2003 10:44:21 -0000 1.37
+++ b/dbus-transport.c 17 May 2004 23:34:55 -0000 1.38
@@ -464,7 +464,6 @@
switch (_dbus_auth_do_work (transport->auth))
{
case DBUS_AUTH_STATE_AUTHENTICATED:
- case DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES:
/* leave as maybe_authenticated */
break;
default:
@@ -674,9 +673,6 @@
static dbus_bool_t
recover_unused_bytes (DBusTransport *transport)
{
- if (_dbus_auth_do_work (transport->auth) != DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES)
- return TRUE;
-
if (_dbus_auth_needs_decoding (transport->auth))
{
DBusString plaintext;
More information about the dbus-commit
mailing list