X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=src%2Ffrontend%2Fsession.c;h=f64a1b967cb541bd0ba4241e426f380b14153b1c;hb=288e7cfdab0c31ff49d9bc10ec51ceb32f476014;hp=a64931eeca6f795075b09322cea6ac4c8b5bd1ff;hpb=be7975aabb4cba23235e460beba549e190175d92;p=sysdb.git diff --git a/src/frontend/session.c b/src/frontend/session.c index a64931e..f64a1b9 100644 --- a/src/frontend/session.c +++ b/src/frontend/session.c @@ -25,6 +25,10 @@ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#if HAVE_CONFIG_H +# include "config.h" +#endif /* HAVE_CONFIG_H */ + #include "sysdb.h" #include "frontend/connection-private.h" @@ -36,31 +40,37 @@ */ int -sdb_fe_session_start(sdb_conn_t *conn) +sdb_conn_session_start(sdb_conn_t *conn) { - const char *username; - - if ((! conn) || (conn->username)) - return -1; + char username[sdb_strbuf_len(conn->buf) + 1]; + const char *tmp; - if (conn->cmd != CONNECTION_STARTUP) + if ((! conn) || (conn->cmd != SDB_CONNECTION_STARTUP)) return -1; - username = sdb_strbuf_string(conn->buf); - if ((! username) || (! conn->cmd_len) || (! *username)) { + tmp = sdb_strbuf_string(conn->buf); + if ((! tmp) || (! conn->cmd_len) || (! *tmp)) { sdb_strbuf_sprintf(conn->errbuf, "Invalid empty username"); return -1; } + strncpy(username, tmp, conn->cmd_len); + username[conn->cmd_len] = '\0'; - /* XXX: for now, simply accept all connections */ - conn->username = strndup(username, conn->cmd_len); if (! conn->username) { - sdb_strbuf_sprintf(conn->errbuf, "Authentication failed"); + /* We trust the remote peer. + * TODO: make the auth mechanism configurable */ + conn->username = strdup(username); + } + else if (strcmp(conn->username, username)) { + sdb_strbuf_sprintf(conn->errbuf, "%s cannot act on behalf of %s", + conn->username, username); return -1; } - sdb_connection_send(conn, CONNECTION_OK, 0, NULL); + + sdb_connection_send(conn, SDB_CONNECTION_OK, 0, NULL); + conn->ready = 1; return 0; -} /* sdb_fe_session_start */ +} /* sdb_conn_session_start */ /* vim: set tw=78 sw=4 ts=4 noexpandtab : */