diff options
author | Ray Strode <rstrode@redhat.com> | 2014-04-10 09:22:07 -0400 |
---|---|---|
committer | Ray Strode <rstrode@redhat.com> | 2014-04-10 13:23:22 -0400 |
commit | c7553e88567133e03804255e0002b3f96fc5aa87 (patch) | |
tree | b98c9b1d3842070f007f1b916acddc910f19e185 | |
parent | 559fa86ea593fcc89a23e76f41e0cd4520383698 (diff) | |
download | gdm-c7553e88567133e03804255e0002b3f96fc5aa87.tar.gz |
manager: don't leak session objects when client is rejected
if a client creates a transient reauthentication session and then we reject
the client when it tries to connect to it, then we need to clean up
the associated session object.
This commit does that.
https://bugzilla.gnome.org/show_bug.cgi?id=727982
-rw-r--r-- | daemon/gdm-manager.c | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c index 65b3dee5..97239325 100644 --- a/daemon/gdm-manager.c +++ b/daemon/gdm-manager.c @@ -1008,6 +1008,47 @@ on_reauthentication_client_disconnected (GdmSession *session, } static void +on_reauthentication_client_rejected (GdmSession *session, + GCredentials *credentials, + GPid pid_of_client, + GdmManager *self) +{ + GPid pid; + + g_debug ("GdmManger: client with pid %ld rejected from reauthentication server", (long) pid_of_client); + + if (gdm_session_client_is_connected (session)) { + /* we already have a client connected, ignore this rejected one */ + return; + } + + pid = (GPid) GPOINTER_TO_UINT (g_object_get_data (G_OBJECT (session), "caller-pid")); + + if (pid != pid_of_client) { + const char *session_id; + char *client_session_id; + + /* rejected client isn't the process that started the + * transient reauthentication session. If it's not even from the + * same audit session, ignore it since it doesn't "own" the + * reauthentication session + */ + client_session_id = get_session_id_for_pid (self->priv->connection, + pid_of_client, + NULL); + session_id = g_object_get_data (G_OBJECT (session), "caller-session-id"); + + if (g_strcmp0 (session_id, client_session_id) != 0) { + return; + } + } + + /* client was rejected, so clean up its session object + */ + close_transient_session (self, session); +} + +static void on_reauthentication_cancelled (GdmSession *session, GdmManager *self) { @@ -1099,6 +1140,10 @@ open_temporary_reauthentication_channel (GdmManager *self, G_CALLBACK (on_reauthentication_client_disconnected), self); g_signal_connect (session, + "client-rejected", + G_CALLBACK (on_reauthentication_client_rejected), + self); + g_signal_connect (session, "cancelled", G_CALLBACK (on_reauthentication_cancelled), self); |