diff options
| author | Colin Walters <walters@verbum.org> | 2015-06-03 17:38:42 -0400 |
|---|---|---|
| committer | Colin Walters <walters@verbum.org> | 2015-06-03 17:38:42 -0400 |
| commit | 6a9d21e2e841ef676be3882cb44b277b453f91b2 (patch) | |
| tree | b0d388f32e903683ece4cecd580cbfc0de03c9d4 /src | |
| parent | a29653ffa99e0809e15aa34afcd7b2df8593871c (diff) | |
| download | polkit-6a9d21e2e841ef676be3882cb44b277b453f91b2.tar.gz | |
Revert "authority: Avoid cookie wrapping by using u64 counter"
This was accidentally committed.
This reverts commit 87b2290c03f28841594451c7276e0ca44970c1fe.
Diffstat (limited to 'src')
| -rw-r--r-- | src/polkitbackend/polkitbackendinteractiveauthority.c | 29 |
1 files changed, 7 insertions, 22 deletions
diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c index 587f954..c9e10d8 100644 --- a/src/polkitbackend/polkitbackendinteractiveauthority.c +++ b/src/polkitbackend/polkitbackendinteractiveauthority.c @@ -214,9 +214,6 @@ typedef struct GDBusConnection *system_bus_connection; guint name_owner_changed_signal_id; - - guint64 start_time; - guint64 cookie; } PolkitBackendInteractiveAuthorityPrivate; /* ---------------------------------------------------------------------------------------------------- */ @@ -331,8 +328,6 @@ polkit_backend_interactive_authority_init (PolkitBackendInteractiveAuthority *au authority, NULL); /* GDestroyNotify */ } - - priv->start_time = g_get_monotonic_time (); } static void @@ -1490,24 +1485,14 @@ authentication_session_free (AuthenticationSession *session) g_free (session); } -/* - * Generate a value that is used to identify authentication requests. - * This doesn't need to be protected against active forgery - callers - * will have to also match the agent identity. - * - * It'd probably make sense to just use a UUID, we're just not doing - * that for lack of a convenient API. This code is an evolution - * of older code which used a single process-local 32 bit counter. - */ static gchar * -get_new_cookie (PolkitBackendInteractiveAuthority *authority) +authentication_agent_new_cookie (AuthenticationAgent *agent) { - PolkitBackendInteractiveAuthorityPrivate *priv = - POLKIT_BACKEND_INTERACTIVE_AUTHORITY_GET_PRIVATE (authority); - guint32 rv = g_random_int (); - priv->cookie++; - return g_strdup_printf ("cookie-%" G_GUINT64_FORMAT "-%" G_GUINT64_FORMAT "-%u", - priv->start_time, priv->cookie, rv); + static gint counter = 0; + + /* TODO: use a more random-looking cookie */ + + return g_strdup_printf ("cookie%d", counter++); } static PolkitSubject * @@ -2219,7 +2204,7 @@ authentication_agent_initiate_challenge (AuthenticationAgent *agent, &localized_icon_name, &localized_details); - cookie = get_new_cookie (authority); + cookie = authentication_agent_new_cookie (agent); identities = NULL; |