Revert "Actually use DBusAuthorization in DBusAuth EXTERNAL mech"

This reverts commit d5d25b5efd.
2026-05-06 11:38:16 +02:00 · 2013-08-23 11:09:34 +01:00 · 2013-08-23 11:09:34 +01:00 · 414cb42dee
commit 414cb42dee
parent 75f5b682cc
4 changed files with 10 additions and 43 deletions
--- a/dbus/dbus-auth-script.c
+++ b/dbus/dbus-auth-script.c
@ -30,7 +30,6 @@
 #include "dbus-hash.h"
 #include "dbus-credentials.h"
 #include "dbus-internals.h"
-#include "dbus-authorization.h"

 /**
 * @defgroup DBusAuthScript code for running unit test scripts for DBusAuth
@ -402,7 +401,6 @@ _dbus_auth_script_run (const DBusString *filename)
                                               "SERVER"))
        {
          DBusCredentials *creds;
-          DBusAuthorization *authorization;
          
          if (auth != NULL)
            {
@ -410,16 +408,7 @@ _dbus_auth_script_run (const DBusString *filename)
              goto out;
            }

-          /* empty authorization, it will use default rules */
-          authorization = _dbus_authorization_new ();
-          if (authorization == NULL)
-            {
-              _dbus_warn ("no memory to create DBusAuthorization\n");
-              goto out;
-            }
-          auth = _dbus_auth_server_new (&guid, authorization);
-          /* DBusAuth owns it, or finalized on OOM */
-          _dbus_authorization_unref (authorization);
+          auth = _dbus_auth_server_new (&guid);
          if (auth == NULL)
            {
              _dbus_warn ("no memory to create DBusAuth\n");
--- a/dbus/dbus-auth.c
+++ b/dbus/dbus-auth.c
@ -30,7 +30,6 @@
 #include "dbus-sha.h"
 #include "dbus-protocol.h"
 #include "dbus-credentials.h"
-#include "dbus-authorization.h"

 /**
 * @defgroup DBusAuth Authentication
@ -214,8 +213,6 @@ typedef struct
 {
  DBusAuth base;    /**< Parent class */

-  DBusAuthorization *authorization;             /* DBus Authorization callbacks */
-
  int failures;     /**< Number of times client has been rejected */
  int max_failures; /**< Number of times we reject before disconnect */

@ -1118,26 +1115,12 @@ handle_server_data_external_mech (DBusAuth         *auth,
                                             DBUS_CREDENTIAL_ADT_AUDIT_DATA_ID,
                                             auth->credentials))
        return FALSE;
+      
+      if (!send_ok (auth))
+        return FALSE;

-      /* Do a first authorization of the transport, in order to REJECT
-       * immediately connection if needed (FDO#39720), transport will
-       * re-authorize later, but it will close the connection on fail,
-       * we want to REJECT now if possible */
-      if (_dbus_authorization_do_authorization (DBUS_AUTH_SERVER (auth)->authorization,
-            auth->authorized_identity))
-        {
-          if (!send_ok (auth))
-            return FALSE;
-        }
-      else
-        {
-          _dbus_verbose ("%s: desired identity does not match server identity: "
-              "not authorized\n", DBUS_AUTH_NAME (auth));
-          return send_rejected (auth);
-        }
-
-      _dbus_verbose ("%s: authenticated and authorized client based on "
-          "socket credentials\n", DBUS_AUTH_NAME (auth));
+      _dbus_verbose ("%s: authenticated client based on socket credentials\n",
+                     DBUS_AUTH_NAME (auth));

      return TRUE;
    }
@ -2261,8 +2244,7 @@ process_command (DBusAuth *auth)
 * @returns the new object or #NULL if no memory
 */
 DBusAuth*
-_dbus_auth_server_new (const DBusString *guid,
-    DBusAuthorization *authorization)
+_dbus_auth_server_new (const DBusString *guid)
 {
  DBusAuth *auth;
  DBusAuthServer *server_auth;
@ -2290,8 +2272,7 @@ _dbus_auth_server_new (const DBusString *guid,
  server_auth = DBUS_AUTH_SERVER (auth);

  server_auth->guid = guid_copy;
-  server_auth->authorization = _dbus_authorization_ref (authorization);
-
+  
  /* perhaps this should be per-mechanism with a lower
   * max
   */
@ -2382,7 +2363,6 @@ _dbus_auth_unref (DBusAuth *auth)
          _dbus_assert (DBUS_AUTH_IS_SERVER (auth));

          _dbus_string_free (& DBUS_AUTH_SERVER (auth)->guid);
-          _dbus_authorization_unref (DBUS_AUTH_SERVER (auth)->authorization);
        }

      if (auth->keyring)
--- a/dbus/dbus-auth.h
+++ b/dbus/dbus-auth.h
@ -27,7 +27,6 @@
 #include <dbus/dbus-errors.h>
 #include <dbus/dbus-string.h>
 #include <dbus/dbus-sysdeps.h>
-#include <dbus/dbus-authorization.h>

 DBUS_BEGIN_DECLS

@ -42,8 +41,7 @@ typedef enum
  DBUS_AUTH_STATE_AUTHENTICATED
 } DBusAuthState;

-DBusAuth*     _dbus_auth_server_new          (const DBusString       *guid,
-                                              DBusAuthorization      *authorization);
+DBusAuth*     _dbus_auth_server_new          (const DBusString       *guid);
 DBusAuth*     _dbus_auth_client_new          (void);
 DBusAuth*     _dbus_auth_ref                 (DBusAuth               *auth);
 void          _dbus_auth_unref               (DBusAuth               *auth);
--- a/dbus/dbus-transport.c
+++ b/dbus/dbus-transport.c
@ -125,7 +125,7 @@ _dbus_transport_init_base (DBusTransport             *transport,
          return FALSE; /* OOM */
        }

-      auth = _dbus_auth_server_new (server_guid, authorization);
+      auth = _dbus_auth_server_new (server_guid);
    }
  else
    {