static void
inf_test_mass_join_explore_finished_cb(InfRequest* request,
const InfRequestResult* result,
const GError* error,
gpointer user_data)
{
InfTestMassJoiner* joiner;
InfBrowser* browser;
InfBrowserIter iter;
const char* name;
gboolean document_exists;
joiner = (InfTestMassJoiner*)user_data;
browser = INF_BROWSER(joiner->browser);
inf_browser_get_root(browser, &iter);
if(inf_browser_get_child(browser, &iter) == FALSE)
{
fprintf(
stderr,
"Joiner %s: Document %s does not exist\n",
joiner->username,
joiner->document
);
inf_xml_connection_close(infc_browser_get_connection(joiner->browser));
}
document_exists = FALSE;
do
{
name = inf_browser_get_node_name(browser, &iter);
if(strcmp(name, joiner->document) == 0)
{
document_exists = TRUE;
inf_browser_subscribe(
browser,
&iter,
inf_test_mass_join_subscribe_finished_cb,
joiner
);
break;
}
} while(inf_browser_get_next(browser, &iter) == TRUE);
if(!document_exists)
{
fprintf(
stderr,
"Joiner %s: Document %s does not exist\n",
joiner->username,
joiner->document
);
inf_xml_connection_close(infc_browser_get_connection(joiner->browser));
}
}
static void
inf_test_mass_join_browser_notify_status_cb(GObject* object,
const GParamSpec* pspec,
gpointer user_data)
{
InfBrowser* browser;
InfBrowserStatus status;
InfBrowserIter iter;
InfTestMassJoin* massjoin;
InfTestMassJoiner* joiner;
GSList* item;
browser = INF_BROWSER(object);
massjoin = (InfTestMassJoin*)user_data;
joiner = NULL;
for(item = massjoin->joiners; item != NULL; item = item->next)
{
joiner = (InfTestMassJoiner*)item->data;
if(INF_BROWSER(joiner->browser) == browser)
break;
}
g_assert(joiner != NULL);
g_object_get(G_OBJECT(browser), "status", &status, NULL);
switch(status)
{
case INF_BROWSER_OPENING:
/* nothing to do */
break;
case INF_BROWSER_OPEN:
fprintf(stdout, "Joiner %s: Connected\n", joiner->username);
inf_browser_get_root(browser, &iter);
inf_browser_explore(
browser,
&iter,
inf_test_mass_join_explore_finished_cb,
joiner
);
break;
case INF_BROWSER_CLOSED:
fprintf(stdout, "Joiner %s: Disconnected\n", joiner->username);
massjoin->joiners = g_slist_remove(massjoin->joiners, joiner);
if(massjoin->joiners == NULL)
inf_standalone_io_loop_quit(INF_STANDALONE_IO(massjoin->io));
break;
default:
g_assert_not_reached();
break;
}
}
static void
infinoted_plugin_manager_unload_plugin(InfinotedPluginManager* manager,
InfinotedPluginInstance* instance)
{
InfinotedPluginManagerPrivate* priv;
InfinotedPluginManagerForeachConnectionData data;
InfBrowserIter root;
priv = INFINOTED_PLUGIN_MANAGER_PRIVATE(manager);
priv->plugins = g_slist_remove(priv->plugins, instance);
/* Unregister all sessions with the plugin */
inf_browser_get_root(INF_BROWSER(priv->directory), &root);
infinoted_plugin_manager_walk_directory(
manager,
&root,
instance,
infinoted_plugin_manager_remove_session
);
/* Unregister all connections with the plugin */
data.manager = manager;
data.instance = instance;
infd_directory_foreach_connection(
priv->directory,
infinoted_plugin_manager_unload_plugin_foreach_connection_func,
&data
);
if(instance->plugin->on_deinitialize != NULL)
instance->plugin->on_deinitialize(instance+1);
infinoted_log_info(
priv->log,
_("Unloaded plugin \"%s\" from \"%s\""),
instance->plugin->name,
g_module_name(instance->module)
);
g_module_close(instance->module);
g_free(instance);
}
static void
inf_test_browser_notify_status_cb(GObject* object,
GParamSpec* pspec,
gpointer user_data)
{
InfTestBrowser* test;
InfBrowserStatus status;
test = (InfTestBrowser*)user_data;
g_object_get(G_OBJECT(test->browser), "status", &status, NULL);
if(status == INF_BROWSER_OPEN)
{
printf("Connection established\n");
#ifndef G_OS_WIN32
inf_io_add_watch(
INF_IO(test->io),
&test->input_fd,
INF_IO_INCOMING | INF_IO_ERROR,
inf_test_browser_input_cb,
test,
NULL
);
#endif
/* Explore root node */
inf_browser_get_root(test->browser, &test->cwd);
inf_browser_explore(test->browser, &test->cwd, NULL, NULL);
}
if(status == INF_BROWSER_CLOSED)
{
if(inf_standalone_io_loop_running(test->io))
inf_standalone_io_loop_quit(test->io);
}
}
static gboolean
infinoted_plugin_manager_load_plugin(InfinotedPluginManager* manager,
const gchar* plugin_path,
const gchar* plugin_name,
GKeyFile* key_file,
GError** error)
{
gchar* plugin_basename;
gchar* plugin_filename;
GModule* module;
const InfinotedPlugin* plugin;
InfinotedPluginInstance* instance;
gboolean result;
GError* local_error;
InfBrowserIter root;
InfinotedPluginManagerForeachConnectionData data;
plugin_basename = g_strdup_printf(
"libinfinoted-plugin-%s.%s",
plugin_name,
G_MODULE_SUFFIX
);
plugin_filename = g_build_filename(plugin_path, plugin_basename, NULL);
g_free(plugin_basename);
module = g_module_open(plugin_filename, G_MODULE_BIND_LOCAL);
g_free(plugin_filename);
if(module == NULL)
{
g_set_error(
error,
infinoted_plugin_manager_error_quark(),
INFINOTED_PLUGIN_MANAGER_ERROR_OPEN_FAILED,
"%s",
g_module_error()
);
return FALSE;
}
if(g_module_symbol(module, "INFINOTED_PLUGIN", (gpointer*)&plugin) == FALSE)
{
g_set_error(
error,
infinoted_plugin_manager_error_quark(),
INFINOTED_PLUGIN_MANAGER_ERROR_NO_ENTRY_POINT,
"%s",
g_module_error()
);
g_module_close(module);
return FALSE;
}
instance = g_malloc(sizeof(InfinotedPluginInstance) + plugin->info_size);
instance->module = module;
instance->plugin = plugin;
/* Call on_info_initialize, allowing the plugin to set default values */
if(plugin->on_info_initialize != NULL)
plugin->on_info_initialize(instance+1);
/* Next, parse options from keyfile */
if(plugin->options != NULL)
{
local_error = NULL;
result = infinoted_parameter_load_from_key_file(
plugin->options,
key_file,
plugin->name,
instance+1,
&local_error
);
if(result == FALSE)
{
g_free(instance);
g_module_close(module);
g_propagate_prefixed_error(
error,
local_error,
"Failed to initialize plugin \"%s\": ",
plugin_name
);
return FALSE;
}
}
/* Finally, call on_initialize, which allows the plugin to initialize
* itself with the plugin options. */
if(plugin->on_initialize != NULL)
{
local_error = NULL;
result = plugin->on_initialize(manager, instance+1, &local_error);
if(local_error != NULL)
{
if(instance->plugin->on_deinitialize != NULL)
instance->plugin->on_deinitialize(instance+1);
g_free(instance);
g_module_close(module);
g_propagate_prefixed_error(
error,
local_error,
"Failed to initialize plugin \"%s\": ",
plugin_name
);
return FALSE;
}
}
/* Register initial connections with plugin */
data.manager = manager;
data.instance = instance;
infd_directory_foreach_connection(
manager->directory,
infinoted_plugin_manager_load_plugin_foreach_connection_func,
&data
);
/* Register initial sessions with plugin */
inf_browser_get_root(INF_BROWSER(manager->directory), &root);
infinoted_plugin_manager_walk_directory(
manager,
&root,
instance,
infinoted_plugin_manager_add_session
);
infinoted_log_info(
manager->log,
_("Loaded plugin \"%s\" from \"%s\""),
plugin_name,
g_module_name(module)
);
manager->plugins = g_slist_prepend(manager->plugins, instance);
return TRUE;
}
BrowserIter::BrowserIter( const Browser &browser )
: m_infBrowser( INFC_BROWSER(browser.gobject()) )
{
Q_ASSERT(browser.connectionStatus() == INF_BROWSER_OPEN);
inf_browser_get_root(INF_BROWSER(m_infBrowser), &m_infBrowserIter);
}
static gboolean
infinoted_plugin_certificate_auth_initialize(InfinotedPluginManager* manager,
gpointer plugin_info,
GError** error)
{
InfinotedPluginCertificateAuth* plugin;
InfCertificateCredentials* creds;
GPtrArray* read_certs;
int res;
guint i;
gnutls_x509_crt_t* sign_certs;
InfCertificateChain* sign_chain;
gnutls_x509_privkey_t super_key;
InfCertUtilDescription desc;
gnutls_x509_crt_t super_cert;
InfAclAccountId super_id;
gnutls_x509_crt_t chain[2];
gboolean written;
InfdDirectory* directory;
InfBrowserIter iter;
InfAclSheetSet sheet_set;
InfAclSheet sheet;
InfRequest* request;
plugin = (InfinotedPluginCertificateAuth*)plugin_info;
plugin->manager = manager;
creds = infinoted_plugin_manager_get_credentials(manager);
if(creds == NULL)
{
g_set_error(
error,
infinoted_plugin_certificate_auth_error_quark(),
INFINOTED_PLUGIN_CERTIFICATE_AUTH_ERROR_NO_CREDENTIALS,
"%s",
_("The certificate-auth plugin can only be used when TLS is enabled "
"and a server certificate has been set.")
);
return FALSE;
}
read_certs =
inf_cert_util_read_certificate(plugin->ca_list_file, NULL, error);
if(read_certs == NULL) return FALSE;
if(read_certs->len == 0)
{
g_set_error(
error,
infinoted_plugin_certificate_auth_error_quark(),
INFINOTED_PLUGIN_CERTIFICATE_AUTH_ERROR_NO_CAS,
_("File \"%s\" does not contain any CA certificates"),
plugin->ca_list_file
);
g_ptr_array_free(read_certs, TRUE);
return FALSE;
}
plugin->n_cas = read_certs->len;
plugin->cas = (gnutls_x509_crt_t*)g_ptr_array_free(read_certs, FALSE);
res = gnutls_certificate_set_x509_trust(
inf_certificate_credentials_get(creds),
plugin->cas,
plugin->n_cas
);
if(res < 0)
{
inf_gnutls_set_error(error, res);
return FALSE;
}
if(plugin->ca_key_file != NULL)
{
plugin->ca_key =
inf_cert_util_read_private_key(plugin->ca_key_file, error);
if(plugin->ca_key == NULL)
return FALSE;
/* Walk through certificates and find the certificate that the key
* belongs to. */
for(i = 0; i < plugin->n_cas; ++i)
if(inf_cert_util_check_certificate_key(plugin->cas[i], plugin->ca_key))
break;
if(i == plugin->n_cas)
{
gnutls_x509_privkey_deinit(plugin->ca_key);
plugin->ca_key = NULL;
g_set_error(
error,
infinoted_plugin_certificate_auth_error_quark(),
INFINOTED_PLUGIN_CERTIFICATE_AUTH_ERROR_NO_CA_FOR_KEY,
"%s",
_("The given CA key does not match with any of the CA certificates")
);
return FALSE;
}
plugin->ca_key_index = i;
/* Set the signing certificate of the directory, so that it can handle
* account creation requests. Note that this takes ownership of the
* certificate, so we take special care in the cleanup code in
* infinoted_plugin_certificate_auth_deinitialize(). */
sign_certs = g_malloc(sizeof(gnutls_x509_crt_t));
sign_certs[0] = plugin->cas[plugin->ca_key_index];
sign_chain = inf_certificate_chain_new(sign_certs, 1);
infd_directory_set_certificate(
infinoted_plugin_manager_get_directory(plugin->manager),
plugin->ca_key,
sign_chain
);
inf_certificate_chain_unref(sign_chain);
}
if(plugin->super_user != NULL)
{
if(plugin->ca_key == NULL)
{
g_set_error(
error,
infinoted_plugin_certificate_auth_error_quark(),
INFINOTED_PLUGIN_CERTIFICATE_AUTH_ERROR_NO_CA_KEY,
"%s",
_("Cannot generate a superuser certificate without CA key")
);
return FALSE;
}
/* Create a private key and certificate for the super user. */
infinoted_log_info(
infinoted_plugin_manager_get_log(plugin->manager),
_("Creating 4096-bit RSA private key for the super user account...")
);
super_key =
inf_cert_util_create_private_key(GNUTLS_PK_RSA, 4096, error);
if(super_key == NULL)
return FALSE;
desc.validity = 12 * 3600; /* 12 hours */
desc.dn_common_name = "Super User";
desc.san_dnsname = NULL;
super_cert = inf_cert_util_create_signed_certificate(
super_key,
&desc,
plugin->cas[plugin->ca_key_index],
plugin->ca_key,
error
);
if(super_cert == NULL)
{
gnutls_x509_privkey_deinit(super_key);
return FALSE;
}
super_id = infd_directory_create_acl_account(
infinoted_plugin_manager_get_directory(plugin->manager),
_("Super User"),
TRUE, /* transient */
&super_cert,
1,
error
);
if(super_id == 0)
{
gnutls_x509_crt_deinit(super_cert);
gnutls_x509_privkey_deinit(super_key);
return FALSE;
}
plugin->super_id = super_id;
chain[0] = super_cert;
chain[1] = plugin->cas[plugin->ca_key_index];
written = inf_cert_util_write_certificate_with_key(
super_key,
chain,
2,
plugin->super_user,
error
);
gnutls_x509_crt_deinit(super_cert);
gnutls_x509_privkey_deinit(super_key);
if(written == FALSE)
return FALSE;
inf_browser_get_root(
INF_BROWSER(infinoted_plugin_manager_get_directory(plugin->manager)),
&iter
);
directory = infinoted_plugin_manager_get_directory(plugin->manager);
sheet.account = super_id;
sheet.mask = INF_ACL_MASK_ALL;
infd_directory_get_support_mask(directory, &sheet.perms);
sheet_set.n_sheets = 1;
sheet_set.own_sheets = NULL;
sheet_set.sheets = &sheet;
request = inf_browser_set_acl(
INF_BROWSER(directory),
&iter,
&sheet_set,
infinoted_plugin_certificate_auth_set_acl_cb,
plugin
);
if(request != NULL)
{
plugin->set_acl_request = request;
g_object_ref(plugin->set_acl_request);
}
}
return TRUE;
}
