*/
struct DBusAuth
{
+ int refcount; /**< reference count */
const char *side; /**< Client or server */
DBusString incoming; /**< Incoming data buffer */
DBusCredentials *credentials; /**< Credentials read from socket
*/
- DBusCredentials *authenticated_identity; /**< Credentials that are authorized */
+ DBusCredentials *authorized_identity; /**< Credentials that are authorized */
DBusCredentials *desired_identity; /**< Identity client has requested */
if (auth == NULL)
return NULL;
+ auth->refcount = 1;
+
auth->keyring = NULL;
auth->cookie_id = -1;
if (auth->credentials == NULL)
goto enomem_6;
- auth->authenticated_identity = _dbus_credentials_new ();
- if (auth->authenticated_identity == NULL)
+ auth->authorized_identity = _dbus_credentials_new ();
+ if (auth->authorized_identity == NULL)
goto enomem_7;
auth->desired_identity = _dbus_credentials_new ();
_dbus_credentials_unref (auth->desired_identity);
#endif
enomem_8:
- _dbus_credentials_unref (auth->authenticated_identity);
+ _dbus_credentials_unref (auth->authorized_identity);
enomem_7:
_dbus_credentials_unref (auth->credentials);
enomem_6:
auth->already_asked_for_initial_response = FALSE;
_dbus_string_set_length (&auth->identity, 0);
- _dbus_credentials_clear (auth->authenticated_identity);
+ _dbus_credentials_clear (auth->authorized_identity);
_dbus_credentials_clear (auth->desired_identity);
if (auth->mech != NULL)
goto out_3;
}
- if (!_dbus_credentials_add_credentials (auth->authenticated_identity,
+ if (!_dbus_credentials_add_credentials (auth->authorized_identity,
auth->desired_identity))
goto out_3;
/* Copy process ID from the socket credentials if it's there
*/
- if (!_dbus_credentials_add_credential (auth->authenticated_identity,
+ if (!_dbus_credentials_add_credential (auth->authorized_identity,
DBUS_CREDENTIAL_UNIX_PROCESS_ID,
auth->credentials))
goto out_3;
auth->desired_identity))
{
/* client has authenticated */
- if (!_dbus_credentials_add_credentials (auth->authenticated_identity,
+ if (!_dbus_credentials_add_credentials (auth->authorized_identity,
auth->desired_identity))
return FALSE;
/* also copy process ID from the socket credentials
*/
- if (!_dbus_credentials_add_credential (auth->authenticated_identity,
+ if (!_dbus_credentials_add_credential (auth->authorized_identity,
DBUS_CREDENTIAL_UNIX_PROCESS_ID,
auth->credentials))
return FALSE;
/* also copy audit data from the socket credentials
*/
- if (!_dbus_credentials_add_credential (auth->authenticated_identity,
+ if (!_dbus_credentials_add_credential (auth->authorized_identity,
DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID,
auth->credentials))
return FALSE;
* re-authorize later, but it will close the connection on fail,
* we want to REJECT now if possible */
if (_dbus_authorization_do_authorization (DBUS_AUTH_SERVER (auth)->authorization,
- auth->authenticated_identity))
+ auth->authorized_identity))
{
if (!send_ok (auth))
return FALSE;
/* Copy process ID from the socket credentials
*/
- if (!_dbus_credentials_add_credential (auth->authenticated_identity,
+ if (!_dbus_credentials_add_credential (auth->authorized_identity,
DBUS_CREDENTIAL_UNIX_PROCESS_ID,
auth->credentials))
return FALSE;
*/
DBusAuth*
_dbus_auth_server_new (const DBusString *guid,
- DBusAuthorization *authorization)
+ DBusAuthorization *authorization)
{
DBusAuth *auth;
DBusAuthServer *server_auth;
server_auth = DBUS_AUTH_SERVER (auth);
server_auth->guid = guid_copy;
- server_auth->authorization = authorization;
+ server_auth->authorization = _dbus_authorization_ref (authorization);
/* perhaps this should be per-mechanism with a lower
* max
* mechanism */
if (!send_auth (auth, &all_mechanisms[0]))
{
- _dbus_auth_free (auth);
+ _dbus_auth_unref (auth);
return NULL;
}
}
/**
- * Free memory allocated for an auth object.
+ * Increments the refcount of an auth object.
*
* @param auth the auth conversation
+ * @returns the auth conversation
*/
-void
-_dbus_auth_free (DBusAuth *auth)
+DBusAuth *
+_dbus_auth_ref (DBusAuth *auth)
{
_dbus_assert (auth != NULL);
+
+ auth->refcount += 1;
+
+ return auth;
+}
- shutdown_mech (auth);
+/**
+ * Decrements the refcount of an auth object.
+ *
+ * @param auth the auth conversation
+ */
+void
+_dbus_auth_unref (DBusAuth *auth)
+{
+ _dbus_assert (auth != NULL);
+ _dbus_assert (auth->refcount > 0);
- if (DBUS_AUTH_IS_CLIENT (auth))
+ auth->refcount -= 1;
+ if (auth->refcount == 0)
{
- _dbus_string_free (& DBUS_AUTH_CLIENT (auth)->guid_from_server);
- _dbus_list_clear (& DBUS_AUTH_CLIENT (auth)->mechs_to_try);
- }
- else
- {
- _dbus_assert (DBUS_AUTH_IS_SERVER (auth));
+ shutdown_mech (auth);
- _dbus_string_free (& DBUS_AUTH_SERVER (auth)->guid);
- }
+ if (DBUS_AUTH_IS_CLIENT (auth))
+ {
+ _dbus_string_free (& DBUS_AUTH_CLIENT (auth)->guid_from_server);
+ _dbus_list_clear (& DBUS_AUTH_CLIENT (auth)->mechs_to_try);
+ }
+ else
+ {
+ _dbus_assert (DBUS_AUTH_IS_SERVER (auth));
- if (auth->keyring)
- _dbus_keyring_unref (auth->keyring);
+ _dbus_string_free (& DBUS_AUTH_SERVER (auth)->guid);
+ _dbus_authorization_unref (DBUS_AUTH_SERVER (auth)->authorization);
+ }
- _dbus_string_free (&auth->context);
- _dbus_string_free (&auth->challenge);
- _dbus_string_free (&auth->identity);
- _dbus_string_free (&auth->incoming);
- _dbus_string_free (&auth->outgoing);
+ if (auth->keyring)
+ _dbus_keyring_unref (auth->keyring);
- dbus_free_string_array (auth->allowed_mechs);
+ _dbus_string_free (&auth->context);
+ _dbus_string_free (&auth->challenge);
+ _dbus_string_free (&auth->identity);
+ _dbus_string_free (&auth->incoming);
+ _dbus_string_free (&auth->outgoing);
- _dbus_credentials_unref (auth->credentials);
- _dbus_credentials_unref (auth->authenticated_identity);
- _dbus_credentials_unref (auth->desired_identity);
+ dbus_free_string_array (auth->allowed_mechs);
- dbus_free (auth);
+ _dbus_credentials_unref (auth->credentials);
+ _dbus_credentials_unref (auth->authorized_identity);
+ _dbus_credentials_unref (auth->desired_identity);
+
+ dbus_free (auth);
+ }
}
/**
{
if (auth->state == &common_state_authenticated)
{
- return auth->authenticated_identity;
+ return auth->authorized_identity;
}
else
{
* doesn't require allocation or something
*/
/* return empty credentials */
- _dbus_assert (_dbus_credentials_are_empty (auth->authenticated_identity));
- return auth->authenticated_identity;
+ _dbus_assert (_dbus_credentials_are_empty (auth->authorized_identity));
+ return auth->authorized_identity;
}
}