diff options
-rw-r--r-- | dbus/dbus-auth-script.c | 13 | ||||
-rw-r--r-- | dbus/dbus-auth.c | 34 | ||||
-rw-r--r-- | dbus/dbus-auth.h | 4 | ||||
-rw-r--r-- | dbus/dbus-transport.c | 2 |
4 files changed, 10 insertions, 43 deletions
diff --git a/dbus/dbus-auth-script.c b/dbus/dbus-auth-script.c index 445452c7..c1f0c88e 100644 --- a/dbus/dbus-auth-script.c +++ b/dbus/dbus-auth-script.c @@ -30,7 +30,6 @@ #include "dbus-hash.h" #include "dbus-credentials.h" #include "dbus-internals.h" -#include "dbus-authorization.h" /** * @defgroup DBusAuthScript code for running unit test scripts for DBusAuth @@ -402,7 +401,6 @@ _dbus_auth_script_run (const DBusString *filename) "SERVER")) { DBusCredentials *creds; - DBusAuthorization *authorization; if (auth != NULL) { @@ -410,16 +408,7 @@ _dbus_auth_script_run (const DBusString *filename) goto out; } - /* empty authorization, it will use default rules */ - authorization = _dbus_authorization_new (); - if (authorization == NULL) - { - _dbus_warn ("no memory to create DBusAuthorization\n"); - goto out; - } - auth = _dbus_auth_server_new (&guid, authorization); - /* DBusAuth owns it, or finalized on OOM */ - _dbus_authorization_unref (authorization); + auth = _dbus_auth_server_new (&guid); if (auth == NULL) { _dbus_warn ("no memory to create DBusAuth\n"); diff --git a/dbus/dbus-auth.c b/dbus/dbus-auth.c index 35efa3a8..a0f72773 100644 --- a/dbus/dbus-auth.c +++ b/dbus/dbus-auth.c @@ -30,7 +30,6 @@ #include "dbus-sha.h" #include "dbus-protocol.h" #include "dbus-credentials.h" -#include "dbus-authorization.h" /** * @defgroup DBusAuth Authentication @@ -214,8 +213,6 @@ typedef struct { DBusAuth base; /**< Parent class */ - DBusAuthorization *authorization; /* DBus Authorization callbacks */ - int failures; /**< Number of times client has been rejected */ int max_failures; /**< Number of times we reject before disconnect */ @@ -1118,26 +1115,12 @@ handle_server_data_external_mech (DBusAuth *auth, DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID, auth->credentials)) return FALSE; + + if (!send_ok (auth)) + return FALSE; - /* Do a first authorization of the transport, in order to REJECT - * immediately connection if needed (FDO#39720), transport will - * re-authorize later, but it will close the connection on fail, - * we want to REJECT now if possible */ - if (_dbus_authorization_do_authorization (DBUS_AUTH_SERVER (auth)->authorization, - auth->authorized_identity)) - { - if (!send_ok (auth)) - return FALSE; - } - else - { - _dbus_verbose ("%s: desired identity does not match server identity: " - "not authorized\n", DBUS_AUTH_NAME (auth)); - return send_rejected (auth); - } - - _dbus_verbose ("%s: authenticated and authorized client based on " - "socket credentials\n", DBUS_AUTH_NAME (auth)); + _dbus_verbose ("%s: authenticated client based on socket credentials\n", + DBUS_AUTH_NAME (auth)); return TRUE; } @@ -2261,8 +2244,7 @@ process_command (DBusAuth *auth) * @returns the new object or #NULL if no memory */ DBusAuth* -_dbus_auth_server_new (const DBusString *guid, - DBusAuthorization *authorization) +_dbus_auth_server_new (const DBusString *guid) { DBusAuth *auth; DBusAuthServer *server_auth; @@ -2290,8 +2272,7 @@ _dbus_auth_server_new (const DBusString *guid, server_auth = DBUS_AUTH_SERVER (auth); server_auth->guid = guid_copy; - server_auth->authorization = _dbus_authorization_ref (authorization); - + /* perhaps this should be per-mechanism with a lower * max */ @@ -2382,7 +2363,6 @@ _dbus_auth_unref (DBusAuth *auth) _dbus_assert (DBUS_AUTH_IS_SERVER (auth)); _dbus_string_free (& DBUS_AUTH_SERVER (auth)->guid); - _dbus_authorization_unref (DBUS_AUTH_SERVER (auth)->authorization); } if (auth->keyring) diff --git a/dbus/dbus-auth.h b/dbus/dbus-auth.h index 3f178a22..ae3f3647 100644 --- a/dbus/dbus-auth.h +++ b/dbus/dbus-auth.h @@ -27,7 +27,6 @@ #include <dbus/dbus-errors.h> #include <dbus/dbus-string.h> #include <dbus/dbus-sysdeps.h> -#include <dbus/dbus-authorization.h> DBUS_BEGIN_DECLS @@ -42,8 +41,7 @@ typedef enum DBUS_AUTH_STATE_AUTHENTICATED } DBusAuthState; -DBusAuth* _dbus_auth_server_new (const DBusString *guid, - DBusAuthorization *authorization); +DBusAuth* _dbus_auth_server_new (const DBusString *guid); DBusAuth* _dbus_auth_client_new (void); DBusAuth* _dbus_auth_ref (DBusAuth *auth); void _dbus_auth_unref (DBusAuth *auth); diff --git a/dbus/dbus-transport.c b/dbus/dbus-transport.c index 3a9cf84b..661b54ff 100644 --- a/dbus/dbus-transport.c +++ b/dbus/dbus-transport.c @@ -125,7 +125,7 @@ _dbus_transport_init_base (DBusTransport *transport, return FALSE; /* OOM */ } - auth = _dbus_auth_server_new (server_guid, authorization); + auth = _dbus_auth_server_new (server_guid); } else { |