Now that authorization is in SASL mechs, enable anonymous authorizations
when we are testing anonymous mechs functionality
Bug: http://bugs.freedesktop.org/show_bug.cgi?id=39720
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
* dbus/dbus-string.c (_dbus_string_pop_line): fix this not to
think an empty line is the end of the file.
Also, fix some whitespace.
* dbus/dbus-string-util.c: add more tests for
_dbus_string_pop_line() revealing that it thinks an empty line is
the end of the file, which broke dbus-auth-script.c so
it didn't really run the scripts
* dbus/dbus-auth.c: add ANONYMOUS mechanism
* dbus/dbus-auth-script.c (_dbus_auth_script_run): fix to detect
an empty/no-op auth script; add commands to check that we have or
don't have the expected credentials
* test/data/auth/fallback.auth-script: we don't
retry the EXTERNAL method when we know its going
to fail anymore.
2005-09-11 Mark McLoughlin <mark@skynet.ie>
* dbus/dbus-connection-internal.h: rename
(add|remove|toggle)_(watch|timeout) to unlocked()
* dbus/dbus-connection.c: ditto.
* dbus/dbus-timeout.c, dbus/dbus-transport-unix.c:
Update some callers for the renaming.
2005-09-10 Mark McLoughlin <mark@skynet.ie>
* dbus/dbus-auth.c: (record_mechanisms): don't
retry the first auth mechanism because we know
we're just going to get rejected again.
* dbus/dbus-keyring.c: (_dbus_keyring_reload):
Fix thinko ... and what a nasty little bugger to
track down you were ...
* dbus/dbus-connection.c:
(_dbus_connection_add_watch),
(_dbus_connection_remove_watch): add note about
these needing the connection to be locked.
(_dbus_connection_get_dispatch_status_unlocked):
set status to DATA_REMAINS when we queue the
disconnected message.
* bus/dispatch.c:
(bus_dispatch): fix warning.
(check_existent_service_no_auto_start):
Expect ChildSignaled error too.
(check_existent_hello_from_self): fix another
couple of warnings.
* configure.in (LT_*): add notes on how the libtool versioning
works to save thinking. Increment soname to indicate protocol
breakage (though really the library interface hasn't changed I
guess)
* dbus/dbus-transport.c (_dbus_transport_get_is_authenticated):
verify the GUID received from server matches what we were
expecting, if we had an expectation
* dbus/dbus-auth.c (send_ok): send GUID along with the OK command
(_dbus_auth_get_guid_from_server): new function
(send_begin): parse the OK args
* doc/dbus-specification.xml: add GUID to the auth protocol
* dbus/dbus-auth.c: Rewrite auth protocol handling to use a state
machine approach. A state is implemented as a function that
handles incoming events as specified for that state.
* doc/dbus-specification.xml: Update auth protocol state machine
specification to match implementation. Remove some leftover
base64 examples.
filter against auth->allowed_mechs; we only add allowed mechs in
record_mechanisms().
* dbus/dbus-auth-script.c (_dbus_auth_script_run): Add an
ALLOWED_MECHS to auth-script format so we can set the list of
allowed mechanisms.
* data/auth/client-out-of-mechanisms.auth-script: New test to
check client disconnects when it is out of mechanisms to try.
* dbus/dbus-auth.c (process_command): Remove check for lines
longer that 1 MB; we only buffer up maximum 16 kB.
* dbus/dbus-transport.c, dbus/dbus-transport-unix.c,
dbus/dbus-auth-script.c, dbus/dbus-auth.c, dbus/dbus-auth.h:
Remove auth state AUTHENTICATED_WITH_UNUSED_BYTES, instead always
assume there might be unused bytes.
* dbus/dbus-auth.c (_dbus_auth_do_work): Remove check for
client-out-of-mechs, it is handled in process_reject(). Move check
for max failures to send_rejected(), as it's a server-only thing.
Remove base64 encoding, replace with hex encoding. Original patch
from trow@ximian.com, added error handling.
* dbus/dbus-string.c (_dbus_string_base64_encode)
(_dbus_string_base64_decode): Remove.
(_dbus_string_hex_decode): Add end_return argument so we can
distinguish between OOM and invalid hex encoding.
(_dbus_string_test): Remove base64 tests and add test case for
invalid hex.
* dbus/dbus-keyring.c, dbus/dbus-auth-script.c, dbus/dbus-auth.c:
Replace base64 with hex.
* test/data/auth/invalid-hex-encoding.auth-script: New test case
for invalid hex encoded data in auth protocol.
* dbus/dbus-spawn.c: s/_exit/exit/ because it was keeping gcov
data from getting written, and there wasn't a good reason to
use _exit really.
* test/decode-gcov.c (mark_inside_dbus_build_tests): don't count
dbus_verbose lines in test coverage
(main): add list of functions sorted by # of untested blocks
to the coverage report
* dbus/dbus-mempool.c: put some test-only code in DBUS_BUILD_TESTS
* dbus/dbus-marshal.c (_dbus_marshal_test): extend test coverage
* dbus/dbus-message-handler.c (_dbus_message_handler_test):
extend test coverage
* test/data/auth/cancel.auth-script: test canceling an
authentication
* dbus/Makefile.am: remove dbus-server-debug.[hc] for now, as they
aren't used. in CVS history if we end up needing them.
* test/data/auth/*: adapt to changes
* dbus/dbus-auth-script.c (_dbus_auth_script_run): add
USERID_BASE64 and change USERNAME_BASE64 to put in username not
userid
* dbus/dbus-keyring.c (_dbus_keyring_validate_context): prevent
more stuff from being in a context name, to make the protocol
simpler to deal with
* dbus/dbus-errors.c (dbus_error_has_name): new function
(dbus_error_is_set): new function
* dbus/dbus-auth.c: replace DBUS_STUPID_TEST_MECH auth
with DBUS_COOKIE_SHA1, implement DBUS_COOKIE_SHA1
* dbus/dbus-connection.c (dbus_connection_flush): also read
messages during a flush operation
* dbus/Makefile.am: remove dbus-md5 since it isn't currently used.
* dbus/dbus-auth.c (handle_server_data_stupid_test_mech): Just get
credentials from our currently running process.
(get_word): Fix a buglet where we were copying the entire length
instead of relative to our position.
* dbus/dbus-hash.c (_dbus_hash_test): Don't try to allocate the
keys on the stack... it's 640k of data.
* dbus/dbus-sysdeps.c (_dbus_read_credentials_unix_socket): Always
read the credentials byte off the socket, even if we don't have
SO_PEERCRED.
(_dbus_poll): Implement poll() using select() for systems which
don't have it.
* glib/test-dbus-glib.c (main): Print out an error if no
parameters are given.
* test/data/auth/fallback.auth-script: Added. Tests that a client
can fallback to a secondary auth mechanism if the first fails.
* dbus/dbus-connection.c (dbus_connection_set_change_sigpipe):
allow people to avoid setting SIGPIPE to SIG_IGN
(_dbus_connection_new_for_transport): disable SIGPIPE unless
we've been asked not to
* dbus/dbus-auth.c (handle_server_data_external_mech): args to
dbus_credentials_match were backward
* dbus/dbus-auth-script.c (_dbus_auth_script_run): support
NO_CREDENTIALS and ROOT_CREDENTIALS
* dbus/dbus-auth.c (_dbus_auth_do_work): move get_state() routine
into here. Never process more commands after we've reached an
end state; store further data as unused bytes.
* test/data/auth/*: add more auth tests
* dbus/dbus-auth-script.c (_dbus_auth_script_run): support EXPECT
command to match exact string and EXPECT_UNUSED to match unused
bytes
* test/Makefile.am (dist-hook): fix to dist all the test stuff
* dbus/dbus-string.c (_dbus_string_pop_line): fix to also strip
\r off of popped lines
* dbus/dbus-auth.c (_dbus_auth_test): write code to run auth
scripts
* dbus/dbus-auth-script.c (_dbus_auth_script_run): when doing a
SEND, append \r\n
