From 0a171f2e9011b0811ea5347ad10ce8d22595d5f4 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Mon, 11 Dec 2017 17:27:16 +0000
Subject: [PATCH 2/9] spec: Move text about the BEGIN command to documentation
 of BEGIN

Having the text about the message stream in the documentation
of AUTH seemed rather odd, and made it likely to get out of sync
with the rest of the spec. Move it to the BEGIN section, remove
some duplication, and make it clearer that if the client pipelines
the fd-negotiation, the server is expected to send exactly one
reply per non-BEGIN command before switching to the D-Bus wire protocol.

Signed-off-by: Simon McVittie <smcv@collabora.com>
---
 doc/dbus-specification.xml | 29 +++++++++++++++--------------
 1 file changed, 15 insertions(+), 14 deletions(-)

diff --git a/doc/dbus-specification.xml b/doc/dbus-specification.xml
index 143cf839..051dd07b 100644
--- a/doc/dbus-specification.xml
+++ b/doc/dbus-specification.xml
@@ -2297,17 +2297,6 @@
         If authentication succeeds after exchanging DATA commands,
         an OK command must be sent to the client.
       </para>
-      <para>
-        The first octet received by the server after the \r\n of the BEGIN
-        command from the client must be the first octet of the
-        authenticated/encrypted stream of D-Bus messages.
-      </para>
-      <para>
-        If BEGIN is received by the server, the first octet received
-        by the client after the \r\n of the OK command must be the
-        first octet of the authenticated/encrypted stream of D-Bus
-        messages.
-      </para>
     </sect2>
     <sect2 id="auth-command-cancel">
       <title>CANCEL Command</title>
@@ -2334,7 +2323,8 @@
       <title>BEGIN Command</title>
       <para>
         The BEGIN command acknowledges that the client has received an
-        OK command from the server, and that the stream of messages
+        OK command from the server and completed any feature negotiation
+        that it wishes to do, and declares that the stream of messages
         is about to begin.
       </para>
       <para>
@@ -2342,6 +2332,13 @@
         command from the client must be the first octet of the
         authenticated/encrypted stream of D-Bus messages.
       </para>
+      <para>
+        Unlike all other commands, the server does not reply to
+        the BEGIN command with an authentication command of its own.
+        After the \r\n of the reply to the command before BEGIN,
+        the next octet received by the client must be the first octet
+        of the authenticated/encrypted stream of D-Bus messages.
+      </para>
     </sect2>
     <sect2 id="auth-command-rejected">
       <title>REJECTED Command</title>
@@ -2376,9 +2373,13 @@
         this protocol.
       </para>
       <para>
-        If a client sends BEGIN the first octet received by the client
+        If there is no negotiation, the first octet received by the client
         after the \r\n of the OK command must be the first octet of
-        the authenticated/encrypted stream of D-Bus messages.
+        the authenticated/encrypted stream of D-Bus messages. If the
+        client negotiates Unix file descriptor passing, the first
+        octet received by the client after the \r\n of the AGREE_UNIX_FD
+        or ERROR reply must be the first octet of the
+        authenticated/encrypted stream.
       </para>
       <para>
         The OK command has one argument, which is the GUID of the server.
-- 
2.15.1