gboolean gkd_pkcs11_startup_ssh (void) { GIOChannel *channel; const gchar *base_dir; int sock; base_dir = gkd_util_get_master_directory (); g_return_val_if_fail (base_dir, FALSE); sock = gkd_ssh_agent_startup (base_dir); if (sock == -1) return FALSE; channel = g_io_channel_unix_new (sock); g_io_add_watch (channel, G_IO_IN | G_IO_HUP, accept_ssh_client, NULL); g_io_channel_unref (channel); /* gkm-ssh-agent sets the environment variable */ gkd_util_push_environment ("SSH_AUTH_SOCK", g_getenv ("SSH_AUTH_SOCK")); egg_cleanup_register (pkcs11_ssh_cleanup, NULL); return TRUE; }
gboolean gkd_daemon_startup_ssh (void) { const gchar *base_dir; GTlsInteraction *interaction; GkdSshAgentPreload *preload; GkdSshAgentService *service; base_dir = gkd_util_get_master_directory (); g_return_val_if_fail (base_dir, FALSE); interaction = gkd_ssh_agent_interaction_new (NULL); preload = gkd_ssh_agent_preload_new ("~/.ssh"); service = gkd_ssh_agent_service_new (base_dir, interaction, preload); g_object_unref (interaction); g_object_unref (preload); if (!gkd_ssh_agent_service_start (service)) return FALSE; /* ssh-agent sets the environment variable */ gkd_util_push_environment ("SSH_AUTH_SOCK", g_getenv ("SSH_AUTH_SOCK")); egg_cleanup_register (pkcs11_ssh_cleanup, service); return TRUE; }
static void parse_arguments (int *argc, char** argv[]) { GError *err = NULL; GOptionContext *context; context = g_option_context_new ("- The Gnome Keyring Daemon"); g_option_context_add_main_entries (context, option_entries, GETTEXT_PACKAGE); if (!g_option_context_parse (context, argc, argv, &err)) { g_printerr ("gnome-keyring-daemon: %s\n", egg_error_message (err)); g_clear_error (&err); } if (!run_components || !run_components[0]) { run_components = DEFAULT_COMPONENTS; } else { run_components = g_strdup (run_components); egg_cleanup_register (g_free, run_components); } /* Check the arguments */ if (run_for_login && run_for_start) { g_printerr ("gnome-keyring-daemon: The --start option is incompatible with --login\n"); run_for_login = FALSE; } if (run_for_login && run_for_replace) { g_printerr ("gnome-keyring-daemon: The --replace option is incompatible with --login\n"); run_for_login = FALSE; } if (run_for_start && run_for_replace) { g_printerr ("gnome-keyring-daemon: The --replace option is incompatible with --start\n"); run_for_start = FALSE; } if (run_for_start && perform_unlock) { g_printerr ("gnome-keyring-daemon: The --start option is incompatible with --unlock"); perform_unlock = FALSE; } if (run_for_login) perform_unlock = TRUE; g_option_context_free (context); }
static gboolean connect_to_session_bus (void) { GError *error = NULL; if (dbus_conn) return TRUE; dbus_conn = g_bus_get_sync (G_BUS_TYPE_SESSION, NULL, &error); if (!dbus_conn) { g_message ("couldn't connect to dbus session bus: %s", error->message); g_error_free (error); return FALSE; } g_signal_connect (dbus_conn, "closed", G_CALLBACK (on_connection_close), NULL); egg_cleanup_register (cleanup_session_bus, NULL); return TRUE; }
gboolean gkd_dbus_setup (void) { gboolean unused; if (!connect_to_session_bus ()) return FALSE; /* Our singleton, and internal service API */ gkd_dbus_singleton_acquire (&unused); /* Session stuff */ gkd_dbus_environment_init (dbus_conn); gkd_dbus_session_init (dbus_conn); /* Secrets API */ gkd_dbus_secrets_init (dbus_conn); egg_cleanup_register (dbus_cleanup, NULL); return TRUE; }
gboolean gkd_pkcs11_startup_pkcs11 (void) { GIOChannel *channel; const gchar *base_dir; int sock; base_dir = gkd_util_get_master_directory (); g_return_val_if_fail (base_dir, FALSE); sock = gkm_rpc_layer_startup (base_dir); if (sock == -1) return FALSE; channel = g_io_channel_unix_new (sock); g_io_add_watch (channel, G_IO_IN | G_IO_HUP, accept_rpc_client, NULL); g_io_channel_unref (channel); egg_cleanup_register (pkcs11_rpc_cleanup, NULL); return TRUE; }
static gboolean connect_to_session_bus (void) { DBusError derr = { 0 }; if (dbus_conn) return TRUE; dbus_error_init (&derr); /* Get the dbus bus and hook up */ dbus_conn = dbus_bus_get (DBUS_BUS_SESSION, &derr); if (!dbus_conn) { g_message ("couldn't connect to dbus session bus: %s", derr.message); dbus_error_free (&derr); return FALSE; } egg_dbus_connect_with_mainloop (dbus_conn, NULL, on_connection_close); dbus_connection_set_exit_on_disconnect (dbus_conn, FALSE); egg_cleanup_register (cleanup_session_bus, NULL); return TRUE; }
void gkd_dbus_secrets_init (DBusConnection *conn) { dbus_conn = dbus_connection_ref (conn); egg_cleanup_register (cleanup_dbus_conn, NULL); }
gboolean gkd_dbus_singleton_acquire (gboolean *acquired) { DBusError derr = DBUS_ERROR_INIT; dbus_uint32_t res = 0; const gchar *service = NULL; unsigned int flags = 0; g_assert (acquired); if (!connect_to_session_bus ()) return FALSE; /* First register the object */ if (!object_registered) { if (dbus_connection_register_object_path (dbus_conn, GNOME_KEYRING_DAEMON_PATH, &object_vtable, NULL)) { object_registered = TRUE; egg_cleanup_register (cleanup_singleton, NULL); } else { g_message ("couldn't register dbus object path"); } } /* Try and grab our name */ if (!acquired_asked) { #ifdef WITH_DEBUG service = g_getenv ("GNOME_KEYRING_TEST_SERVICE"); if (service && service[0]) flags = DBUS_NAME_FLAG_ALLOW_REPLACEMENT | DBUS_NAME_FLAG_REPLACE_EXISTING; else #endif service = GNOME_KEYRING_DAEMON_SERVICE; res = dbus_bus_request_name (dbus_conn, service, flags, &derr); if (dbus_error_is_set (&derr)) { g_message ("couldn't request name '%s' on session bus: %s", service, derr.message); dbus_error_free (&derr); return FALSE; } acquired_asked = TRUE; switch (res) { /* We acquired the service name */ case DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER: case DBUS_REQUEST_NAME_REPLY_ALREADY_OWNER: acquired_service = TRUE; break; /* Another daemon is running */ case DBUS_REQUEST_NAME_REPLY_IN_QUEUE: case DBUS_REQUEST_NAME_REPLY_EXISTS: acquired_service = FALSE; break; default: acquired_service = FALSE; g_return_val_if_reached (FALSE); break; }; } *acquired = acquired_service; return TRUE; }
gboolean gkd_pkcs11_initialize (void) { CK_FUNCTION_LIST_PTR roots_store; CK_FUNCTION_LIST_PTR secret_store; CK_FUNCTION_LIST_PTR ssh_store; CK_FUNCTION_LIST_PTR mate2_store; CK_FUNCTION_LIST_PTR xdg_store; CK_C_INITIALIZE_ARGS init_args; gboolean ret; CK_RV rv; /* Secrets */ secret_store = gkm_secret_store_get_functions (); /* SSH storage */ ssh_store = gkm_ssh_store_get_functions (); /* Root certificates */ roots_store = gkm_roots_store_get_functions (); /* Old User certificates */ mate2_store = gkm_mate2_store_get_functions (); /* User certificates */ xdg_store = gkm_xdg_store_get_functions (); /* Add all of those into the wrapper layer */ gkm_wrap_layer_add_module (ssh_store); #ifdef ROOT_CERTIFICATES gkm_wrap_layer_add_module (roots_store); #endif gkm_wrap_layer_add_module (secret_store); gkm_wrap_layer_add_module (mate2_store); gkm_wrap_layer_add_module (xdg_store); pkcs11_roof = gkm_wrap_layer_get_functions (); pkcs11_base = gkm_wrap_layer_get_functions_no_prompts (); memset (&init_args, 0, sizeof (init_args)); init_args.flags = CKF_OS_LOCKING_OK; #if WITH_TESTS { const gchar *path = g_getenv ("MATE_KEYRING_TEST_PATH"); if (path && path[0]) init_args.pReserved = g_strdup_printf ("directory=\"%s\"", path); } #endif /* Initialize the whole caboodle */ rv = (pkcs11_roof->C_Initialize) (&init_args); g_free (init_args.pReserved); if (rv != CKR_OK) { g_warning ("couldn't initialize internal PKCS#11 stack (code: %d)", (gint)rv); return FALSE; } egg_cleanup_register (pkcs11_daemon_cleanup, NULL); ret = gkd_gpg_agent_initialize (pkcs11_roof) && gkd_ssh_agent_initialize (pkcs11_roof) && gkm_rpc_layer_initialize (pkcs11_roof); return ret; }
gboolean gkd_dbus_singleton_acquire (gboolean *acquired) { const gchar *service = NULL; GBusNameOwnerFlags flags = G_BUS_NAME_OWNER_FLAGS_NONE; GVariant *acquire_variant; guint res; GError *error = NULL; GkdExportedDaemon *skeleton; g_assert (acquired); if (!connect_to_session_bus ()) return FALSE; /* First register the object */ if (!object_registered) { skeleton = gkd_exported_daemon_skeleton_new (); g_signal_connect (skeleton, "handle-get-control-directory", G_CALLBACK (handle_get_control_directory), NULL); g_signal_connect (skeleton, "handle-get-environment", G_CALLBACK (handle_get_environment), NULL); g_dbus_interface_skeleton_export (G_DBUS_INTERFACE_SKELETON (skeleton), dbus_conn, GNOME_KEYRING_DAEMON_PATH, &error); if (error == NULL) { object_registered = TRUE; egg_cleanup_register (cleanup_singleton, skeleton); } else { g_message ("couldn't register dbus object path: %s", error->message); g_clear_error (&error); } } /* Try and grab our name */ if (!acquired_asked) { #ifdef WITH_DEBUG service = g_getenv ("GNOME_KEYRING_TEST_SERVICE"); if (service && service[0]) flags = G_BUS_NAME_OWNER_FLAGS_ALLOW_REPLACEMENT | G_BUS_NAME_OWNER_FLAGS_REPLACE; else #endif service = GNOME_KEYRING_DAEMON_SERVICE; /* attempt to acquire the name */ acquire_variant = g_dbus_connection_call_sync (dbus_conn, "org.freedesktop.DBus", /* bus name */ "/org/freedesktop/DBus", /* object path */ "org.freedesktop.DBus", /* interface name */ "RequestName", /* method name */ g_variant_new ("(su)", service, flags), G_VARIANT_TYPE ("(u)"), G_DBUS_CALL_FLAGS_NONE, -1, NULL, &error); if (error != NULL) { g_message ("couldn't request name '%s' on session bus: %s", service, error->message); g_error_free (error); return FALSE; } acquired_asked = TRUE; g_variant_get (acquire_variant, "(u)", &res); g_variant_unref (acquire_variant); switch (res) { /* We acquired the service name */ case 1: /* DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER */ case 4: /* DBUS_REQUEST_NAME_REPLY_ALREADY_OWNER */ acquired_service = TRUE; break; /* Another daemon is running */ case 2: /* DBUS_REQUEST_NAME_REPLY_IN_QUEUE */ case 3: /* DBUS_REQUEST_NAME_REPLY_EXISTS */ acquired_service = FALSE; break; default: acquired_service = FALSE; g_return_val_if_reached (FALSE); break; }; } *acquired = acquired_service; return TRUE; }