static void
fill_info (GFileInfo *info, GVfsAfpVolumeData *vol_data, GVfsBackendAfpBrowse *afp_backend)
{
GIcon *icon;
GMountSpec *mount_spec;
char *uri;
g_file_info_set_name (info, vol_data->name);
g_file_info_set_display_name (info, vol_data->name);
g_file_info_set_edit_name (info, vol_data->name);
g_file_info_set_attribute_boolean (info, G_FILE_ATTRIBUTE_STANDARD_IS_VIRTUAL, TRUE);
g_file_info_set_content_type (info, "inode/directory");
g_file_info_set_file_type (info, G_FILE_TYPE_MOUNTABLE);
g_file_info_set_attribute_boolean (info, "afp::volume-password-protected", (vol_data->flags & 0x01));
icon = g_themed_icon_new_with_default_fallbacks ("folder-remote-afp");
g_file_info_set_icon (info, icon);
g_object_unref (icon);
icon = g_themed_icon_new_with_default_fallbacks ("folder-remote-symbolic");
g_file_info_set_symbolic_icon (info, icon);
g_object_unref (icon);
mount_spec = g_mount_spec_new ("afp-volume");
g_mount_spec_set (mount_spec, "host",
g_network_address_get_hostname (G_NETWORK_ADDRESS (afp_backend->addr)));
g_mount_spec_set (mount_spec, "volume", vol_data->name);
g_mount_spec_set (mount_spec, "user", afp_backend->logged_in_user);
if (g_mount_tracker_has_mount_spec (afp_backend->mount_tracker, mount_spec))
{
g_file_info_set_attribute_boolean (info, G_FILE_ATTRIBUTE_MOUNTABLE_CAN_MOUNT, FALSE);
g_file_info_set_attribute_boolean (info, G_FILE_ATTRIBUTE_MOUNTABLE_CAN_UNMOUNT, TRUE);
}
else
{
g_file_info_set_attribute_boolean (info, G_FILE_ATTRIBUTE_MOUNTABLE_CAN_MOUNT, TRUE);
g_file_info_set_attribute_boolean(info, G_FILE_ATTRIBUTE_MOUNTABLE_CAN_UNMOUNT, FALSE);
}
g_mount_spec_unref (mount_spec);
uri = g_strdup_printf ("afp://%s/%s",
g_network_address_get_hostname (G_NETWORK_ADDRESS (afp_backend->addr)),
vol_data->name);
g_file_info_set_attribute_string (info, G_FILE_ATTRIBUTE_STANDARD_TARGET_URI,
uri);
g_free (uri);
}
static void
do_mount (GVfsBackend *backend,
GVfsJobMount *job,
GMountSpec *mount_spec,
GMountSource *mount_source,
gboolean is_automount)
{
GVfsBackendAfpBrowse *afp_backend = G_VFS_BACKEND_AFP_BROWSE (backend);
gboolean res;
GError *err = NULL;
GMountSpec *afp_mount_spec;
char *server_name;
char *display_name;
afp_backend->server = g_vfs_afp_server_new (afp_backend->addr);
res = g_vfs_afp_server_login (afp_backend->server, afp_backend->user, mount_source,
&afp_backend->logged_in_user,
G_VFS_JOB (job)->cancellable, &err);
if (!res)
goto error;
/* set mount info */
afp_mount_spec = g_mount_spec_new ("afp-server");
g_mount_spec_set (afp_mount_spec, "host",
g_network_address_get_hostname (G_NETWORK_ADDRESS (afp_backend->addr)));
if (afp_backend->user)
g_mount_spec_set (afp_mount_spec, "user", afp_backend->user);
g_vfs_backend_set_mount_spec (backend, afp_mount_spec);
g_mount_spec_unref (afp_mount_spec);
if (afp_backend->server->utf8_server_name)
server_name = afp_backend->server->utf8_server_name;
else
server_name = afp_backend->server->server_name;
if (afp_backend->user)
/* Translators: first %s is username and second serververname */
display_name = g_strdup_printf (_("AFP volumes for %s on %s"), afp_backend->user,
server_name);
else
/* Translators: %s is the servername */
display_name = g_strdup_printf (_("AFP volumes on %s"),
server_name);
g_vfs_backend_set_display_name (backend, display_name);
g_free (display_name);
g_vfs_backend_set_icon_name (backend, "network-server-afp");
g_vfs_backend_set_user_visible (backend, FALSE);
g_vfs_job_succeeded (G_VFS_JOB (job));
return;
error:
g_vfs_job_failed_from_error (G_VFS_JOB (job), err);
}
static const gchar *
get_server_identity (GTlsClientConnectionGnutls *gnutls)
{
if (G_IS_NETWORK_ADDRESS (gnutls->priv->server_identity))
return g_network_address_get_hostname (G_NETWORK_ADDRESS (gnutls->priv->server_identity));
else if (G_IS_NETWORK_SERVICE (gnutls->priv->server_identity))
return g_network_service_get_domain (G_NETWORK_SERVICE (gnutls->priv->server_identity));
else
return NULL;
}
/* Called when a GTlsConnection (which this handler has been connected to)
* has an error validating its certificate.
* Returns TRUE if the certificate is already trusted, so the connection
* can continue.
* Returns FALSE if the certificate is not trusted, causing the
* connection's handshake to fail, and then prompts the user to accept
* the certificate.
*/
static gboolean
accept_certificate_cb(GTlsConnection *conn, GTlsCertificate *peer_cert,
GTlsCertificateFlags errors, gpointer user_data)
{
GTlsCertificate *trusted_cert;
GSocketConnectable *connectable;
const gchar *identity;
g_return_val_if_fail(G_IS_TLS_CLIENT_CONNECTION(conn), FALSE);
g_return_val_if_fail(G_IS_TLS_CERTIFICATE(peer_cert), FALSE);
/* Get the certificate identity from the GTlsClientConnection */
connectable = g_tls_client_connection_get_server_identity(
G_TLS_CLIENT_CONNECTION(conn));
g_return_val_if_fail(G_IS_SOCKET_CONNECTABLE(connectable), FALSE);
/* identity is owned by the connectable */
if (G_IS_NETWORK_ADDRESS(connectable)) {
identity = g_network_address_get_hostname(
G_NETWORK_ADDRESS(connectable));
} else if (G_IS_NETWORK_SERVICE(connectable)) {
identity = g_network_service_get_domain(
G_NETWORK_SERVICE(connectable));
} else {
g_return_val_if_reached(FALSE);
}
/* See if a trusted certificate matching the peer certificate exists */
trusted_cert = purple_tls_certificate_new_from_id(identity, NULL);
if (trusted_cert != NULL &&
g_tls_certificate_is_same(peer_cert, trusted_cert)) {
/* It's manually trusted. Accept certificate */
g_object_unref(trusted_cert);
return TRUE;
}
g_clear_object(&trusted_cert);
/* Certificate failed and isn't trusted.
* Fail certificate and prompt user.
*/
request_accept_certificate(identity, peer_cert, errors);
return FALSE;
}
static void
verify_hostkey (HotSshTab *self,
const char *connected_hostkey_type,
const char *connected_hostkey_base64,
const char *saved_hostkey_type,
const char *saved_hostkey_base64)
{
HotSshTabPrivate *priv = hotssh_tab_get_instance_private (self);
gs_free char *errdetails = NULL;
if (strcmp (connected_hostkey_type, saved_hostkey_type) != 0)
{
errdetails = g_strdup_printf (_("The remote host key type has changed; it was previously \"%s\", now \"%s\""),
saved_hostkey_type, connected_hostkey_type);
}
else if (strcmp (connected_hostkey_base64, saved_hostkey_base64) != 0)
{
errdetails = g_strdup (_("The remote host key has changed"));
}
if (errdetails)
{
GError *local_error = NULL;
g_set_error (&local_error, G_IO_ERROR,
G_IO_ERROR_FAILED,
_("Error: The host credentials for \"%s\" (%s) do not match the previously "
"saved credentials. This may represent an attempt by a malicious party to "
"intercept communication; however, it is also possible that the host key was changed "
"by a system administrator.\n\nDetails: %s"),
priv->hostname,
g_network_address_get_hostname ((GNetworkAddress*)priv->address),
errdetails);
page_transition_take_error (self, local_error);
}
else
{
g_debug ("Remote host key matches");
page_transition (self, HOTSSH_TAB_PAGE_CONNECTING);
set_status (self, _("Negotiating authentication…"));
gssh_connection_negotiate_async (priv->connection, priv->cancellable,
on_negotiate_complete, self);
}
}
static void
mount_mountable_cb (GObject *source_object,
GAsyncResult *res,
gpointer user_data)
{
GVfsBackendAfpBrowse *afp_backend = G_VFS_BACKEND_AFP_BROWSE (source_object);
GVfsJobMountMountable *job = G_VFS_JOB_MOUNT_MOUNTABLE (user_data);
GError *err;
GVfsAfpVolumeData *vol_data;
GMountSpec *mount_spec;
if (!update_cache_finish (afp_backend, res, &err))
{
g_vfs_job_failed_from_error (G_VFS_JOB (job), err);
g_error_free (err);
return;
}
vol_data = find_volume (afp_backend, job->filename);
if (!vol_data)
{
g_vfs_job_failed (G_VFS_JOB (job), G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
_("File doesn't exist"));
return;
}
mount_spec = g_mount_spec_new ("afp-volume");
g_mount_spec_set (mount_spec, "host",
g_network_address_get_hostname (G_NETWORK_ADDRESS (afp_backend->addr)));
g_mount_spec_set (mount_spec, "volume", vol_data->name);
g_mount_spec_set (mount_spec, "user", afp_backend->logged_in_user);
g_vfs_job_mount_mountable_set_target (job, mount_spec, "/", TRUE);
g_mount_spec_unref (mount_spec);
g_vfs_job_succeeded (G_VFS_JOB (job));
}
