diff options
author | Kristian Høgsberg <krh@redhat.com> | 2004-05-17 23:34:55 +0000 |
---|---|---|
committer | Kristian Høgsberg <krh@redhat.com> | 2004-05-17 23:34:55 +0000 |
commit | c614e5b4b12c771422da809014904fccccd442c8 (patch) | |
tree | 32dd677a603a747f91110f666a1436a8950cdf0c /dbus/dbus-auth-script.c | |
parent | 6527ee5134d8fef66549cdbb634a79b27aae90fc (diff) |
* dbus/dbus-auth.c (client_try_next_mechanism): Remove logic to
filter against auth->allowed_mechs; we only add allowed mechs in
record_mechanisms().
* dbus/dbus-auth-script.c (_dbus_auth_script_run): Add an
ALLOWED_MECHS to auth-script format so we can set the list of
allowed mechanisms.
* data/auth/client-out-of-mechanisms.auth-script: New test to
check client disconnects when it is out of mechanisms to try.
* dbus/dbus-auth.c (process_command): Remove check for lines
longer that 1 MB; we only buffer up maximum 16 kB.
* dbus/dbus-transport.c, dbus/dbus-transport-unix.c,
dbus/dbus-auth-script.c, dbus/dbus-auth.c, dbus/dbus-auth.h:
Remove auth state AUTHENTICATED_WITH_UNUSED_BYTES, instead always
assume there might be unused bytes.
* dbus/dbus-auth.c (_dbus_auth_do_work): Remove check for
client-out-of-mechs, it is handled in process_reject(). Move check
for max failures to send_rejected(), as it's a server-only thing.
Diffstat (limited to 'dbus/dbus-auth-script.c')
-rw-r--r-- | dbus/dbus-auth-script.c | 70 |
1 files changed, 63 insertions, 7 deletions
diff --git a/dbus/dbus-auth-script.c b/dbus/dbus-auth-script.c index 0c6426db..acb1e32b 100644 --- a/dbus/dbus-auth-script.c +++ b/dbus/dbus-auth-script.c @@ -141,8 +141,6 @@ auth_state_from_string (const DBusString *str) return DBUS_AUTH_STATE_HAVE_BYTES_TO_SEND; else if (_dbus_string_starts_with_c_str (str, "NEED_DISCONNECT")) return DBUS_AUTH_STATE_NEED_DISCONNECT; - else if (_dbus_string_starts_with_c_str (str, "AUTHENTICATED_WITH_UNUSED_BYTES")) - return DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES; else if (_dbus_string_starts_with_c_str (str, "AUTHENTICATED")) return DBUS_AUTH_STATE_AUTHENTICATED; else @@ -162,8 +160,6 @@ auth_state_to_string (DBusAuthState state) return "HAVE_BYTES_TO_SEND"; case DBUS_AUTH_STATE_NEED_DISCONNECT: return "NEED_DISCONNECT"; - case DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES: - return "AUTHENTICATED_WITH_UNUSED_BYTES"; case DBUS_AUTH_STATE_AUTHENTICATED: return "AUTHENTICATED"; } @@ -171,6 +167,49 @@ auth_state_to_string (DBusAuthState state) return "unknown"; } +static char ** +split_string (DBusString *str) +{ + int i, j, k, count, end; + char **array; + + end = _dbus_string_get_length (str); + + i = 0; + _dbus_string_skip_blank (str, i, &i); + for (count = 0; i < end; count++) + { + _dbus_string_find_blank (str, i, &i); + _dbus_string_skip_blank (str, i, &i); + } + + array = dbus_new0 (char *, count + 1); + if (array == NULL) + return NULL; + + i = 0; + _dbus_string_skip_blank (str, i, &i); + for (k = 0; k < count; k++) + { + _dbus_string_find_blank (str, i, &j); + + array[k] = dbus_malloc (j - i + 1); + if (array[k] == NULL) + { + dbus_free_string_array (array); + return NULL; + } + memcpy (array[k], + _dbus_string_get_const_data_len (str, i, j - i), j - i); + array[k][j - i] = '\0'; + + _dbus_string_skip_blank (str, j, &i); + } + array[k] = NULL; + + return array; +} + /** * Runs an "auth script" which is a script for testing the * authentication protocol. Scripts send and receive data, and then @@ -336,6 +375,16 @@ _dbus_auth_script_run (const DBusString *filename) _dbus_auth_set_credentials (auth, &creds); } else if (_dbus_string_starts_with_c_str (&line, + "ALLOWED_MECHS")) + { + char **mechs; + + _dbus_string_delete_first_word (&line); + mechs = split_string (&line); + _dbus_auth_set_mechanisms (auth, (const char **) mechs); + dbus_free_string_array (mechs); + } + else if (_dbus_string_starts_with_c_str (&line, "SEND")) { DBusString to_send; @@ -605,10 +654,17 @@ _dbus_auth_script_run (const DBusString *filename) } if (auth != NULL && - state == DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES) + state == DBUS_AUTH_STATE_AUTHENTICATED) { - _dbus_warn ("did not expect unused bytes (scripts must specify explicitly if they are expected)\n"); - goto out; + const DBusString *unused; + + _dbus_auth_get_unused_bytes (auth, &unused); + + if (_dbus_string_get_length (unused) > 0) + { + _dbus_warn ("did not expect unused bytes (scripts must specify explicitly if they are expected)\n"); + goto out; + } } if (_dbus_string_get_length (&from_auth) > 0) |