[gdm] manager: don't leak session objects when client is rejected

From: Ray Strode <halfline src gnome org>
To: commits-list gnome org
Cc:
Subject: [gdm] manager: don't leak session objects when client is rejected
Date: Thu, 10 Apr 2014 17:24:43 +0000 (UTC)
commit c7553e88567133e03804255e0002b3f96fc5aa87
Author: Ray Strode <rstrode redhat com>
Date:   Thu Apr 10 09:22:07 2014 -0400

    manager: don't leak session objects when client is rejected
    
    if a client creates a transient reauthentication session and then we reject
    the client when it tries to connect to it, then we need to clean up
    the associated session object.
    
    This commit does that.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=727982

 daemon/gdm-manager.c |   45 +++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 45 insertions(+), 0 deletions(-)
---
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
index 65b3dee..9723932 100644
--- a/daemon/gdm-manager.c
+++ b/daemon/gdm-manager.c
@@ -1008,6 +1008,47 @@ on_reauthentication_client_disconnected (GdmSession              *session,
 }
 
 static void
+on_reauthentication_client_rejected (GdmSession              *session,
+                                     GCredentials            *credentials,
+                                     GPid                     pid_of_client,
+                                     GdmManager              *self)
+{
+        GPid pid;
+
+        g_debug ("GdmManger: client with pid %ld rejected from reauthentication server", (long) 
pid_of_client);
+
+        if (gdm_session_client_is_connected (session)) {
+                /* we already have a client connected, ignore this rejected one */
+                return;
+        }
+
+        pid = (GPid) GPOINTER_TO_UINT (g_object_get_data (G_OBJECT (session), "caller-pid"));
+
+        if (pid != pid_of_client) {
+                const char *session_id;
+                char *client_session_id;
+
+                /* rejected client isn't the process that started the
+                 * transient reauthentication session. If it's not even from the
+                 * same audit session, ignore it since it doesn't "own" the
+                 * reauthentication session
+                 */
+                client_session_id = get_session_id_for_pid (self->priv->connection,
+                                                            pid_of_client,
+                                                            NULL);
+                session_id = g_object_get_data (G_OBJECT (session), "caller-session-id");
+
+                if (g_strcmp0 (session_id, client_session_id) != 0) {
+                        return;
+                }
+        }
+
+        /* client was rejected, so clean up its session object
+         */
+        close_transient_session (self, session);
+}
+
+static void
 on_reauthentication_cancelled (GdmSession *session,
                                GdmManager *self)
 {
@@ -1099,6 +1140,10 @@ open_temporary_reauthentication_channel (GdmManager            *self,
                           G_CALLBACK (on_reauthentication_client_disconnected),
                           self);
         g_signal_connect (session,
+                          "client-rejected",
+                          G_CALLBACK (on_reauthentication_client_rejected),
+                          self);
+        g_signal_connect (session,
                           "cancelled",
                           G_CALLBACK (on_reauthentication_cancelled),
                           self);
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]