From 777707ed8dff6958972a93894a87ec1945c65c14 Mon Sep 17 00:00:00 2001
From: Havoc Pennington <hp@redhat.com>
Date: Mon, 14 Apr 2003 02:29:21 +0000
Subject: 2003-04-13  Havoc Pennington  <hp@pobox.com>

	* dbus/dbus-mainloop.c: fix some reentrancy issues by refcounting
	callbacks

	* test/data/valid-config-files/debug-allow-all.conf.in: allow all
	users

	* dbus/dbus-transport.c (_dbus_transport_get_dispatch_status):
	fix to only recover unused bytes if we're already authenticated
	(_dbus_transport_get_is_authenticated): fix to still mark us
	authenticated if there are unused bytes.

	* bus/dispatch.c: implement security policy checking

	* bus/connection.c (bus_transaction_send_from_driver): new

	* bus/bus.c (bus_context_check_security_policy): new

	* bus/dispatch.c (send_service_nonexistent_error): delete this,
	now we just set the DBusError and it gets converted to an error
	reply.

	* bus/connection.c (allow_user_function): enable code using actual
	data from the config file

	* bus/policy.c (list_allows_user): handle wildcard rules for
	user/group connection perms
---
 dbus/dbus-transport.c | 38 +++++++++++++++++++++++++-------------
 1 file changed, 25 insertions(+), 13 deletions(-)

(limited to 'dbus/dbus-transport.c')

diff --git a/dbus/dbus-transport.c b/dbus/dbus-transport.c
index f9b3d8a8..e726de24 100644
--- a/dbus/dbus-transport.c
+++ b/dbus/dbus-transport.c
@@ -459,9 +459,21 @@ _dbus_transport_get_is_authenticated (DBusTransport *transport)
       
       maybe_authenticated =
         (!(transport->send_credentials_pending ||
-           transport->receive_credentials_pending)) &&
-        _dbus_auth_do_work (transport->auth) == DBUS_AUTH_STATE_AUTHENTICATED;
+           transport->receive_credentials_pending));
 
+      if (maybe_authenticated)
+        {
+          switch (_dbus_auth_do_work (transport->auth))
+            {
+            case DBUS_AUTH_STATE_AUTHENTICATED:
+            case DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES:
+              /* leave as maybe_authenticated */
+              break;
+            default:
+              maybe_authenticated = FALSE;
+            }
+        }
+      
       /* If we've authenticated as some identity, check that the auth
        * identity is the same as our own identity.  In the future, we
        * may have API allowing applications to specify how this is
@@ -768,18 +780,18 @@ _dbus_transport_get_dispatch_status (DBusTransport *transport)
 
   if (!_dbus_transport_get_is_authenticated (transport))
     {
-      switch (_dbus_auth_do_work (transport->auth))
-        {
-        case DBUS_AUTH_STATE_WAITING_FOR_MEMORY:
-          return DBUS_DISPATCH_NEED_MEMORY;
-        case DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES:
-          if (!recover_unused_bytes (transport))
-            return DBUS_DISPATCH_NEED_MEMORY;
-          break;
-        default:
-          break;
-        }
+      if (_dbus_auth_do_work (transport->auth) ==
+          DBUS_AUTH_STATE_WAITING_FOR_MEMORY)
+        return DBUS_DISPATCH_NEED_MEMORY;
+      else
+        return DBUS_DISPATCH_COMPLETE;
     }
+
+  if (!transport->unused_bytes_recovered &&
+      !recover_unused_bytes (transport))
+    return DBUS_DISPATCH_NEED_MEMORY;
+
+  transport->unused_bytes_recovered = TRUE;
   
   if (!_dbus_message_loader_queue_messages (transport->loader))
     return DBUS_DISPATCH_NEED_MEMORY;
-- 
cgit