* dbus/dbus-auth.c (client_try_next_mechanism): Remove logic to

filter against auth->allowed_mechs; we only add allowed mechs in record_mechanisms(). * dbus/dbus-auth-script.c (_dbus_auth_script_run): Add an ALLOWED_MECHS to auth-script format so we can set the list of allowed mechanisms. * data/auth/client-out-of-mechanisms.auth-script: New test to check client disconnects when it is out of mechanisms to try. * dbus/dbus-auth.c (process_command): Remove check for lines longer that 1 MB; we only buffer up maximum 16 kB. * dbus/dbus-transport.c, dbus/dbus-transport-unix.c, dbus/dbus-auth-script.c, dbus/dbus-auth.c, dbus/dbus-auth.h: Remove auth state AUTHENTICATED_WITH_UNUSED_BYTES, instead always assume there might be unused bytes. * dbus/dbus-auth.c (_dbus_auth_do_work): Remove check for client-out-of-mechs, it is handled in process_reject(). Move check for max failures to send_rejected(), as it's a server-only thing.
author: Kristian Høgsberg <krh@redhat.com> 2004-05-17 23:34:55 +0000
committer: Kristian Høgsberg <krh@redhat.com> 2004-05-17 23:34:55 +0000
commit: c614e5b4b12c771422da809014904fccccd442c8 (patch)
tree: 32dd677a603a747f91110f666a1436a8950cdf0c /dbus/dbus-auth-script.c
parent: 6527ee5134d8fef66549cdbb634a79b27aae90fc (diff)
1 files changed, 63 insertions, 7 deletions
diff --git a/dbus/dbus-auth-script.c b/dbus/dbus-auth-script.c
index 0c6426db..acb1e32b 100644
--- a/dbus/dbus-auth-script.c
+++ b/dbus/dbus-auth-script.c
@@ -141,8 +141,6 @@ auth_state_from_string (const DBusString *str)
     return DBUS_AUTH_STATE_HAVE_BYTES_TO_SEND;
   else if (_dbus_string_starts_with_c_str (str, "NEED_DISCONNECT"))
     return DBUS_AUTH_STATE_NEED_DISCONNECT;
-  else if (_dbus_string_starts_with_c_str (str, "AUTHENTICATED_WITH_UNUSED_BYTES"))
-    return DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES;
   else if (_dbus_string_starts_with_c_str (str, "AUTHENTICATED"))
     return DBUS_AUTH_STATE_AUTHENTICATED;
   else
@@ -162,8 +160,6 @@ auth_state_to_string (DBusAuthState state)
       return "HAVE_BYTES_TO_SEND";
     case DBUS_AUTH_STATE_NEED_DISCONNECT:
       return "NEED_DISCONNECT";
-    case DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES:
-      return "AUTHENTICATED_WITH_UNUSED_BYTES";
     case DBUS_AUTH_STATE_AUTHENTICATED:
       return "AUTHENTICATED";
     }
@@ -171,6 +167,49 @@ auth_state_to_string (DBusAuthState state)
   return "unknown";
 }
 
+static char **
+split_string (DBusString *str)
+{
+  int i, j, k, count, end;
+  char **array;
+
+  end = _dbus_string_get_length (str);
+
+  i = 0;
+  _dbus_string_skip_blank (str, i, &i);
+  for (count = 0; i < end; count++)
+    {
+      _dbus_string_find_blank (str, i, &i);
+      _dbus_string_skip_blank (str, i, &i);
+    }
+
+  array = dbus_new0 (char *, count + 1);
+  if (array == NULL)
+    return NULL;
+
+  i = 0;
+  _dbus_string_skip_blank (str, i, &i);
+  for (k = 0; k < count; k++)
+    {
+      _dbus_string_find_blank (str, i, &j);
+
+      array[k] = dbus_malloc (j - i + 1);
+      if (array[k] == NULL)
+        {
+          dbus_free_string_array (array);
+          return NULL;
+        }
+      memcpy (array[k],
+              _dbus_string_get_const_data_len (str, i, j - i), j - i);
+      array[k][j - i] = '\0';
+
+      _dbus_string_skip_blank (str, j, &i);
+    }
+  array[k] = NULL;
+
+  return array;
+}
+
 /**
  * Runs an "auth script" which is a script for testing the
  * authentication protocol. Scripts send and receive data, and then
@@ -336,6 +375,16 @@ _dbus_auth_script_run (const DBusString *filename)
           _dbus_auth_set_credentials (auth, &creds);          
         }
       else if (_dbus_string_starts_with_c_str (&line,
+                                               "ALLOWED_MECHS"))
+        {
+          char **mechs;
+
+          _dbus_string_delete_first_word (&line);
+          mechs = split_string (&line);
+          _dbus_auth_set_mechanisms (auth, (const char **) mechs);
+          dbus_free_string_array (mechs);
+        }
+      else if (_dbus_string_starts_with_c_str (&line,
                                                "SEND"))
         {
           DBusString to_send;
@@ -605,10 +654,17 @@ _dbus_auth_script_run (const DBusString *filename)
     }
 
   if (auth != NULL &&
-      state == DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES)
+      state == DBUS_AUTH_STATE_AUTHENTICATED)
     {
-      _dbus_warn ("did not expect unused bytes (scripts must specify explicitly if they are expected)\n");
-      goto out;
+      const DBusString *unused;
+
+      _dbus_auth_get_unused_bytes (auth, &unused);
+
+      if (_dbus_string_get_length (unused) > 0)
+        {
+          _dbus_warn ("did not expect unused bytes (scripts must specify explicitly if they are expected)\n");
+          goto out;
+        }
     }
 
   if (_dbus_string_get_length (&from_auth) > 0)
author	Kristian Høgsberg <krh@redhat.com>	2004-05-17 23:34:55 +0000
committer	Kristian Høgsberg <krh@redhat.com>	2004-05-17 23:34:55 +0000
commit	c614e5b4b12c771422da809014904fccccd442c8 (patch)
tree	32dd677a603a747f91110f666a1436a8950cdf0c /dbus/dbus-auth-script.c
parent	6527ee5134d8fef66549cdbb634a79b27aae90fc (diff)