1 files changed, 7 insertions, 22 deletions

diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
index 587f954..c9e10d8 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
@@ -214,9 +214,6 @@ typedef struct
 
   GDBusConnection *system_bus_connection;
   guint name_owner_changed_signal_id;
-
-  guint64 start_time;
-  guint64 cookie;
 } PolkitBackendInteractiveAuthorityPrivate;
 
 /* ---------------------------------------------------------------------------------------------------- */
@@ -331,8 +328,6 @@ polkit_backend_interactive_authority_init (PolkitBackendInteractiveAuthority *au
                                             authority,
                                             NULL); /* GDestroyNotify */
     }
-
-  priv->start_time = g_get_monotonic_time ();
 }
 
 static void
@@ -1490,24 +1485,14 @@ authentication_session_free (AuthenticationSession *session)
   g_free (session);
 }
 
-/*
- * Generate a value that is used to identify authentication requests.
- * This doesn't need to be protected against active forgery - callers
- * will have to also match the agent identity.
- *
- * It'd probably make sense to just use a UUID, we're just not doing
- * that for lack of a convenient API.  This code is an evolution
- * of older code which used a single process-local 32 bit counter.
- */
 static gchar *
-get_new_cookie (PolkitBackendInteractiveAuthority *authority)
+authentication_agent_new_cookie (AuthenticationAgent *agent)
 {
-  PolkitBackendInteractiveAuthorityPrivate *priv =
-    POLKIT_BACKEND_INTERACTIVE_AUTHORITY_GET_PRIVATE (authority);
-  guint32 rv = g_random_int ();
-  priv->cookie++;
-  return g_strdup_printf ("cookie-%" G_GUINT64_FORMAT "-%" G_GUINT64_FORMAT "-%u",
-                          priv->start_time, priv->cookie, rv);
+  static gint counter = 0;
+
+  /* TODO: use a more random-looking cookie */
+
+  return g_strdup_printf ("cookie%d", counter++);
 }
 
 static PolkitSubject *
@@ -2219,7 +2204,7 @@ authentication_agent_initiate_challenge (AuthenticationAgent         *agent,
                                     &localized_icon_name,
                                     &localized_details);
 
-  cookie = get_new_cookie (authority);
+  cookie = authentication_agent_new_cookie (agent);
 
   identities = NULL;