X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=src%2Ffrontend%2Fsession.c;h=f64a1b967cb541bd0ba4241e426f380b14153b1c;hb=1689c669f608687c752ceefaffdb5954dfee05f8;hp=0587c50a5f2a405ea03f801c481d197ce488db02;hpb=51069603a7b8d90e222508cbd67dcc5f231289ad;p=sysdb.git

diff --git a/src/frontend/session.c b/src/frontend/session.c
index 0587c50..f64a1b9 100644
--- a/src/frontend/session.c
+++ b/src/frontend/session.c
@@ -40,32 +40,37 @@
  */
 
 int
-sdb_fe_session_start(sdb_conn_t *conn)
+sdb_conn_session_start(sdb_conn_t *conn)
 {
-	const char *username;
+	char username[sdb_strbuf_len(conn->buf) + 1];
+	const char *tmp;
 
-	if ((! conn) || (conn->username))
+	if ((! conn) || (conn->cmd != SDB_CONNECTION_STARTUP))
 		return -1;
 
-	if (conn->cmd != CONNECTION_STARTUP)
-		return -1;
-
-	username = sdb_strbuf_string(conn->buf);
-	if ((! username) || (! conn->cmd_len) || (! *username)) {
+	tmp = sdb_strbuf_string(conn->buf);
+	if ((! tmp) || (! conn->cmd_len) || (! *tmp)) {
 		sdb_strbuf_sprintf(conn->errbuf, "Invalid empty username");
 		return -1;
 	}
+	strncpy(username, tmp, conn->cmd_len);
+	username[conn->cmd_len] = '\0';
 
-	/* XXX: for now, simply accept all connections */
-	conn->username = strndup(username, conn->cmd_len);
 	if (! conn->username) {
-		sdb_strbuf_sprintf(conn->errbuf, "Authentication failed");
+		/* We trust the remote peer.
+		 * TODO: make the auth mechanism configurable */
+		conn->username = strdup(username);
+	}
+	else if (strcmp(conn->username, username)) {
+		sdb_strbuf_sprintf(conn->errbuf, "%s cannot act on behalf of %s",
+				conn->username, username);
 		return -1;
 	}
-	sdb_connection_send(conn, CONNECTION_OK, 0, NULL);
+
+	sdb_connection_send(conn, SDB_CONNECTION_OK, 0, NULL);
 	conn->ready = 1;
 	return 0;
-} /* sdb_fe_session_start */
+} /* sdb_conn_session_start */
 
 /* vim: set tw=78 sw=4 ts=4 noexpandtab : */