projects / platform / upstream / dbus.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5fcba30)
Remove transport's call to _dbus_authorization_do_authorization().
authorCosimo Alfarano <cosimo.alfarano@collabora.com>
Thu, 22 Aug 2013 23:56:48 +0000 (01:56 +0200)
committerRalf Habacker <ralf.habacker@freenet.de>
Fri, 23 Aug 2013 01:55:10 +0000 (03:55 +0200)
All mechs do authorization before answering OK/REJECT.
There is no reason to run a second round of authorization which will
return the same answer of the first time (when OK) or will never be
reched (if REJECTed).

Bug: http://bugs.freedesktop.org/show_bug.cgi?id=39720
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
dbus/dbus-transport.c patch | blob | history

diff --git a/dbus/dbus-transport.c b/dbus/dbus-transport.c
index db16574..da95d2c 100644 (file)
--- a/dbus/dbus-transport.c
+++ b/dbus/dbus-transport.c
@@ -589,9 +589,6 @@ _dbus_transport_try_to_authenticate (DBusTransport *transport)
       if (transport->disconnected)
         return FALSE;
 
-      /* paranoia ref since we call user callbacks sometimes */
-      _dbus_connection_ref_unlocked (transport->connection);
-      
       maybe_authenticated =
         (!(transport->send_credentials_pending ||
            transport->receive_credentials_pending));
@@ -623,32 +620,12 @@ _dbus_transport_try_to_authenticate (DBusTransport *transport)
               _dbus_verbose ("Client expected GUID '%s' and we got '%s' from the server\n",
                              transport->expected_guid, server_guid);
               _dbus_transport_disconnect (transport);
-              _dbus_connection_unref_unlocked (transport->connection);
               return FALSE;
             }
         }
 
-      /* If we're the server, see if we want to allow this identity to proceed.
-       */
-      if (maybe_authenticated && transport->is_server)
-        {
-          DBusCredentials *auth_identity;
-
-          auth_identity = _dbus_auth_get_identity (transport->auth);
-          _dbus_assert (auth_identity != NULL);
-          
-          /* If we have an authenticated user, delegate deciding whether auth
-           * credentials are good enough to the app */
-          if (!_dbus_authorization_do_authorization (transport->authorization, auth_identity))
-            {
-              _dbus_transport_disconnect (transport);
-              maybe_authenticated = FALSE;
-            }
-        }
-
       transport->authenticated = maybe_authenticated;
 
-      _dbus_connection_unref_unlocked (transport->connection);
       return maybe_authenticated;
     }
 }
Domain: System / IPC;