From c614e5b4b12c771422da809014904fccccd442c8 Mon Sep 17 00:00:00 2001
From: Kristian Høgsberg <krh@redhat.com>
Date: Mon, 17 May 2004 23:34:55 +0000
Subject:  	* dbus/dbus-auth.c (client_try_next_mechanism): Remove logic
 to 	filter against auth->allowed_mechs; we only add allowed mechs in 
 record_mechanisms().

 	* dbus/dbus-auth-script.c (_dbus_auth_script_run): Add an
	ALLOWED_MECHS to auth-script format so we can set the list of
	allowed mechanisms.

 	* data/auth/client-out-of-mechanisms.auth-script: New test to
	check client disconnects when it is out of mechanisms to try.

 	* dbus/dbus-auth.c (process_command): Remove check for lines
	longer that 1 MB; we only buffer up maximum 16 kB.

 	* dbus/dbus-transport.c, dbus/dbus-transport-unix.c,
	dbus/dbus-auth-script.c, dbus/dbus-auth.c, dbus/dbus-auth.h:
	Remove auth state AUTHENTICATED_WITH_UNUSED_BYTES, instead always
	assume there might be unused bytes.

 	* dbus/dbus-auth.c (_dbus_auth_do_work): Remove check for
	client-out-of-mechs, it is handled in process_reject(). Move check
	for max failures to send_rejected(), as it's a server-only thing.
---
 dbus/dbus-auth-script.c | 70 ++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 63 insertions(+), 7 deletions(-)

(limited to 'dbus/dbus-auth-script.c')

diff --git a/dbus/dbus-auth-script.c b/dbus/dbus-auth-script.c
index 0c6426db..acb1e32b 100644
--- a/dbus/dbus-auth-script.c
+++ b/dbus/dbus-auth-script.c
@@ -141,8 +141,6 @@ auth_state_from_string (const DBusString *str)
     return DBUS_AUTH_STATE_HAVE_BYTES_TO_SEND;
   else if (_dbus_string_starts_with_c_str (str, "NEED_DISCONNECT"))
     return DBUS_AUTH_STATE_NEED_DISCONNECT;
-  else if (_dbus_string_starts_with_c_str (str, "AUTHENTICATED_WITH_UNUSED_BYTES"))
-    return DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES;
   else if (_dbus_string_starts_with_c_str (str, "AUTHENTICATED"))
     return DBUS_AUTH_STATE_AUTHENTICATED;
   else
@@ -162,8 +160,6 @@ auth_state_to_string (DBusAuthState state)
       return "HAVE_BYTES_TO_SEND";
     case DBUS_AUTH_STATE_NEED_DISCONNECT:
       return "NEED_DISCONNECT";
-    case DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES:
-      return "AUTHENTICATED_WITH_UNUSED_BYTES";
     case DBUS_AUTH_STATE_AUTHENTICATED:
       return "AUTHENTICATED";
     }
@@ -171,6 +167,49 @@ auth_state_to_string (DBusAuthState state)
   return "unknown";
 }
 
+static char **
+split_string (DBusString *str)
+{
+  int i, j, k, count, end;
+  char **array;
+
+  end = _dbus_string_get_length (str);
+
+  i = 0;
+  _dbus_string_skip_blank (str, i, &i);
+  for (count = 0; i < end; count++)
+    {
+      _dbus_string_find_blank (str, i, &i);
+      _dbus_string_skip_blank (str, i, &i);
+    }
+
+  array = dbus_new0 (char *, count + 1);
+  if (array == NULL)
+    return NULL;
+
+  i = 0;
+  _dbus_string_skip_blank (str, i, &i);
+  for (k = 0; k < count; k++)
+    {
+      _dbus_string_find_blank (str, i, &j);
+
+      array[k] = dbus_malloc (j - i + 1);
+      if (array[k] == NULL)
+        {
+          dbus_free_string_array (array);
+          return NULL;
+        }
+      memcpy (array[k],
+              _dbus_string_get_const_data_len (str, i, j - i), j - i);
+      array[k][j - i] = '\0';
+
+      _dbus_string_skip_blank (str, j, &i);
+    }
+  array[k] = NULL;
+
+  return array;
+}
+
 /**
  * Runs an "auth script" which is a script for testing the
  * authentication protocol. Scripts send and receive data, and then
@@ -335,6 +374,16 @@ _dbus_auth_script_run (const DBusString *filename)
           DBusCredentials creds = { -1, 4312, 1232 };
           _dbus_auth_set_credentials (auth, &creds);          
         }
+      else if (_dbus_string_starts_with_c_str (&line,
+                                               "ALLOWED_MECHS"))
+        {
+          char **mechs;
+
+          _dbus_string_delete_first_word (&line);
+          mechs = split_string (&line);
+          _dbus_auth_set_mechanisms (auth, (const char **) mechs);
+          dbus_free_string_array (mechs);
+        }
       else if (_dbus_string_starts_with_c_str (&line,
                                                "SEND"))
         {
@@ -605,10 +654,17 @@ _dbus_auth_script_run (const DBusString *filename)
     }
 
   if (auth != NULL &&
-      state == DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES)
+      state == DBUS_AUTH_STATE_AUTHENTICATED)
     {
-      _dbus_warn ("did not expect unused bytes (scripts must specify explicitly if they are expected)\n");
-      goto out;
+      const DBusString *unused;
+
+      _dbus_auth_get_unused_bytes (auth, &unused);
+
+      if (_dbus_string_get_length (unused) > 0)
+        {
+          _dbus_warn ("did not expect unused bytes (scripts must specify explicitly if they are expected)\n");
+          goto out;
+        }
     }
 
   if (_dbus_string_get_length (&from_auth) > 0)
-- 
cgit