From: Simon McVittie <smcv@collabora.com>
Date: Fri, 12 Jan 2018 16:47:55 +0000 (+0000)
Subject: DBusAuthScript: Make USERNAME_HEX differ from USERID_HEX
X-Git-Tag: dbus-1.13.0~22
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=064c478e145b10a44e9c385be74d9c666666af1c;p=thirdparty%2Fdbus.git

DBusAuthScript: Make USERNAME_HEX differ from USERID_HEX

Previously, USERID_HEX and USERNAME_HEX were both replaced by the hex
encoding of the numeric uid, something like 31303030 for "1000".
Now USERNAME_HEX is something like 736d6376 for "smcv". This is only
supported on Unix, but no authentication mechanisms use usernames on
Windows anyway.

This would require changing the tests that make use of USERNAME_HEX
if we had any, but we currently don't.

Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Philip Withnall <withnall@endlessm.com>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=104588
---

diff --git a/dbus/dbus-auth-script.c b/dbus/dbus-auth-script.c
index 34c67f1d4..63948422d 100644
--- a/dbus/dbus-auth-script.c
+++ b/dbus/dbus-auth-script.c
@@ -35,6 +35,10 @@
 #include "dbus-internals.h"
 #include <dbus/dbus-test-tap.h>
 
+#ifdef DBUS_UNIX
+# include "dbus/dbus-userdb.h"
+#endif
+
 /**
  * @defgroup DBusAuthScript code for running unit test scripts for DBusAuth
  * @ingroup  DBusInternals
@@ -556,35 +560,33 @@ _dbus_auth_script_run (const DBusString *filename)
             else if (_dbus_string_find (&to_send, 0,
                                         "USERNAME_HEX", &where))
               {
-                DBusString username;
-                
-                if (!_dbus_string_init (&username))
-                  {
-                    _dbus_warn ("no memory for username");
-                    _dbus_string_free (&to_send);
-                    goto out;
-                  }
+#ifdef DBUS_UNIX
+                const DBusString *username;
 
-                if (!_dbus_append_user_from_current_process (&username))
+                if (!_dbus_username_from_current_process (&username))
                   {
                     _dbus_warn ("no memory for username");
-                    _dbus_string_free (&username);
                     _dbus_string_free (&to_send);
                     goto out;
                   }
 
                 _dbus_string_delete (&to_send, where, (int) strlen ("USERNAME_HEX"));
                 
-                if (!_dbus_string_hex_encode (&username, 0,
+                if (!_dbus_string_hex_encode (username, 0,
 					      &to_send, where))
                   {
                     _dbus_warn ("no memory to subst USERNAME_HEX");
-                    _dbus_string_free (&username);
                     _dbus_string_free (&to_send);
                     goto out;
                   }
-
-                _dbus_string_free (&username);
+#else
+                /* No authentication mechanism uses the login name on
+                 * Windows, so there's no point in it appearing in an
+                 * auth script that is not UNIX_ONLY. */
+                _dbus_warn ("USERNAME_HEX cannot be used on Windows");
+                _dbus_string_free (&to_send);
+                goto out;
+#endif
               }
           }