From 3d7dc1161fa91073598f9a37c29dae1c900b17e4 Mon Sep 17 00:00:00 2001
From: Julian Orth <ju.orth@gmail.com>
Date: Sun, 18 Jan 2026 15:20:54 +0100
Subject: [PATCH] dbus: use challenge-response authentication

---
 src/dbus.rs      |  2 ++
 src/dbus/auth.rs | 10 +++++++---
 src/utils.rs     |  1 -
 src/utils/hex.rs | 15 ---------------
 4 files changed, 9 insertions(+), 19 deletions(-)
 delete mode 100644 src/utils/hex.rs

diff --git a/src/dbus.rs b/src/dbus.rs
index 768fc678..e8041e32 100644
--- a/src/dbus.rs
+++ b/src/dbus.rs
@@ -98,6 +98,8 @@ pub enum DbusError {
     ReadError(#[source] IoUringError),
     #[error("timeout")]
     IoUringError(#[source] Box<IoUringError>),
+    #[error("Server did not send auth challenge")]
+    NoChallenge,
     #[error("Server did not accept our authentication")]
     Auth,
     #[error("Array length is not a multiple of the element size")]
diff --git a/src/dbus/auth.rs b/src/dbus/auth.rs
index 48aaecdd..a4685966 100644
--- a/src/dbus/auth.rs
+++ b/src/dbus/auth.rs
@@ -1,7 +1,7 @@
 use {
     crate::{
         dbus::{DbusError, DbusSocket, incoming::handle_incoming, outgoing::handle_outgoing},
-        utils::{buf::Buf, errorfmt::ErrorFmt, hex},
+        utils::{buf::Buf, errorfmt::ErrorFmt},
     },
     std::{ops::Deref, rc::Rc},
 };
@@ -52,16 +52,20 @@ impl Auth {
     }
 
     async fn handle_auth(&mut self) -> Result<(), DbusError> {
-        let uid = hex::to_hex(&uapi::getuid().to_string());
         let mut out_buf = Buf::new(128);
         {
             let buf = out_buf
-                .write_fmt(format_args!("\0AUTH EXTERNAL {}\r\n", uid))
+                .write_fmt(format_args!("\0AUTH EXTERNAL\r\nDATA\r\n"))
                 .unwrap();
             self.write_buf(buf).await?;
         }
         let line = self.readline().await?;
         let (cmd, _) = line_to_cmd(&line);
+        if cmd != "DATA" {
+            return Err(DbusError::NoChallenge);
+        }
+        let line = self.readline().await?;
+        let (cmd, _) = line_to_cmd(&line);
         if cmd != "OK" {
             return Err(DbusError::Auth);
         }
diff --git a/src/utils.rs b/src/utils.rs
index 1ba53964..b8144425 100644
--- a/src/utils.rs
+++ b/src/utils.rs
@@ -24,7 +24,6 @@ pub mod free_list;
 pub mod geometric_decay;
 pub mod gfx_api_ext;
 pub mod hash_map_ext;
-pub mod hex;
 pub mod line_logger;
 pub mod linkedlist;
 pub mod log_on_drop;
diff --git a/src/utils/hex.rs b/src/utils/hex.rs
deleted file mode 100644
index 8b2ade8f..00000000
--- a/src/utils/hex.rs
+++ /dev/null
@@ -1,15 +0,0 @@
-pub fn to_hex(b: &str) -> String {
-    let mut s = String::with_capacity(b.len() * 2);
-    for &b in b.as_bytes() {
-        s.push(nibble_to_hex(b >> 4) as char);
-        s.push(nibble_to_hex(b & 7) as char);
-    }
-    s
-}
-
-fn nibble_to_hex(n: u8) -> u8 {
-    match n {
-        n @ 0..=9 => b'0' + n,
-        n => b'a' + n,
-    }
-}