X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=src%2Fmoonshot-server.vala;h=74288f78e5f71d7af06ae6e99385873c01436e06;hb=5b68b364f2c62fa43111b5a53c7040d34205ba20;hp=2972927cf57e9cd80b8ac9cd3c1c2992ad2e31c9;hpb=a5b1e449813455325cfa96cc3153b32f6fea7e41;p=moonshot-ui.git
diff --git a/src/moonshot-server.vala b/src/moonshot-server.vala
index 2972927..74288f7 100644
--- a/src/moonshot-server.vala
+++ b/src/moonshot-server.vala
@@ -1,13 +1,54 @@
+/*
+ * Copyright (c) 2011-2014, JANET(UK)
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of JANET(UK) nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+*/ #if IPC_DBUS [DBus (name = "org.janet.Moonshot")] public class MoonshotServer : Object { - private MainWindow main_window; + private IdentityManagerApp parent_app; + + public MoonshotServer (IdentityManagerApp app) + { + this.parent_app = app; + } - public MoonshotServer (Gtk.Window window) + public bool show_ui() { - this.main_window = (MainWindow) window; + if (parent_app.view == null) { + return false; + } + parent_app.show(); + parent_app.explicitly_launched = true; + return true; } public async bool get_identity (string nai, @@ -20,7 +61,7 @@ public class MoonshotServer : Object { out string subject_name_constraint, out string subject_alt_name_constraint) { - var request = new IdentityRequest (main_window, + var request = new IdentityRequest (parent_app, nai, password, service); @@ -37,15 +78,30 @@ public class MoonshotServer : Object { var id_card = request.id_card; - if (id_card != null) { + if ((id_card != null) && (id_card.display_name != IdCard.NO_IDENTITY)) { nai_out = id_card.nai; - password_out = id_card.password; - - server_certificate_hash = "certificate"; - - // User should have been prompted if there was no p/w. - return_if_fail (nai_out != null); - return_if_fail (password_out != null); + if ((request.password!=null) && (request.password != "")) + password_out = request.password; + else + password_out = id_card.password; + + server_certificate_hash = id_card.trust_anchor.server_cert; + ca_certificate = id_card.trust_anchor.ca_cert; + subject_name_constraint = id_card.trust_anchor.subject; + subject_alt_name_constraint = id_card.trust_anchor.subject_alt; + + if (nai_out == null) + nai_out = ""; + if (password_out == null) + password_out = ""; + if (server_certificate_hash == null) + server_certificate_hash = ""; + if (ca_certificate == null) + ca_certificate = ""; + if (subject_name_constraint == null) + subject_name_constraint = ""; + if (subject_alt_name_constraint == null) + subject_alt_name_constraint = ""; return true; } 
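Review bot: The new `show_ui` is exported on the `org.janet.Moonshot` D-Bus interface but has no comment explaining its return value or its side effect on `explicitly_launched`. I would add a Valadoc comment above it, e.g. `/** Shows the identity manager window at a client's request; returns false when the app has no view to show. */`, and state there that a successful call also marks the app as explicitly launched. The declaration is written `show_ui()` without the space before the parenthesis that the neighbouring `get_identity (` uses.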
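Review bot: After the null-to-empty normalisation at the end of the `@@ -37,15 +78,30 @@` hunk, `get_identity` returns `true` even when `nai_out` or `password_out` ended up as `""`, so the removed `return_if_fail` checks are replaced by a silent success. A client can then no longer tell a usable identity from an empty one, and an empty `server_certificate_hash` or `ca_certificate` is indistinguishable from a card that has no trust anchor, which a caller must not read as "accept any server". I would add `if (nai_out == "") return false;` after the normalisation and document above the method that an empty trust-anchor string means "not configured". The same block is repeated in `get_default_identity` in the `@@ -77,79 +133,120 @@` hunk, and the enclosing function starts and ends outside this hunk.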
@@ -60,7 +116,7 @@ public class MoonshotServer : Object {
 out string subject_name_constraint,
 out string subject_alt_name_constraint)
 {
- var request = new IdentityRequest.default (main_window);
+ var request = new IdentityRequest.default (parent_app);
 request.set_callback ((IdentityRequest) => get_default_identity.callback());
 request.execute ();
 yield;
@@ -77,79 +133,120 @@ public class MoonshotServer : Object { nai_out = request.id_card.nai; password_out = request.id_card.password; - server_certificate_hash = "certificate"; - - // User should have been prompted if there was no p/w. - return_val_if_fail (nai_out != null, false); - return_val_if_fail (password_out != null, false); + server_certificate_hash = request.id_card.trust_anchor.server_cert; + ca_certificate = request.id_card.trust_anchor.ca_cert; + subject_name_constraint = request.id_card.trust_anchor.subject; + subject_alt_name_constraint = request.id_card.trust_anchor.subject_alt; + + if (nai_out == null) + nai_out = ""; + if (password_out == null) + password_out = ""; + if (server_certificate_hash == null) + server_certificate_hash = ""; + if (ca_certificate == null) + ca_certificate = ""; + if (subject_name_constraint == null) + subject_name_constraint = ""; + if (subject_alt_name_constraint == null) + subject_alt_name_constraint = ""; return true; } return false; } - - public async bool install_id_card (string display_name, - string user_name, - string password, - string realm, - string[] rules_patterns, - string[] rules_always_confirm, - string[] services, - string ca_cert, - string subject, - string subject_alt, - string server_cert) + + public bool install_id_card (string display_name, + string user_name, + string ?password, + string ?realm, + string[] ?rules_patterns, + string[] ?rules_always_confirm, + string[] ?services, + string ?ca_cert, + string ?subject, + string ?subject_alt, + string ?server_cert, + int force_flat_file_store) { IdCard idcard = new IdCard (); - + idcard.display_name = display_name; idcard.username = user_name; idcard.password = password; + if ((password != null) && (password != "")) + idcard.store_password = true; idcard.issuer = realm; idcard.services = services; idcard.trust_anchor.ca_cert = ca_cert; idcard.trust_anchor.subject = subject; idcard.trust_anchor.subject_alt = subject_alt; idcard.trust_anchor.server_cert = 
server_cert; - + if (rules_patterns.length == rules_always_confirm.length) { - idcard.rules = new Rule[rules_patterns.length]; + /* workaround Centos vala array property bug: use temp array */ + Rule[] rules = new Rule[rules_patterns.length]; - for (int i=0; i 0) { - main_window.insert_id_card (idcard); - return true; + int i = 0; + rules_patterns = new string[card.rules.length]; + rules_always_confirm = new string[card.rules.length]; + foreach (Rule r in card.rules) + { + rules_patterns[i] = r.pattern; + rules_always_confirm[i] = r.always_confirm; + i++; + } + } + + result = install_id_card (card.display_name, + card.username, + card.password, + card.issuer, + rules_patterns, + rules_always_confirm, + card.services, + card.trust_anchor.ca_cert, + card.trust_anchor.subject, + card.trust_anchor.subject_alt, + card.trust_anchor.server_cert, + 0); + if (result) { + installed_cards++; } - - return false; } - + return installed_cards; + } } + #elif IPC_MSRPC using Rpc; @@ -164,13 +261,13 @@ using MoonshotRpcInterface; * process ends */ public class MoonshotServer : Object { - private static MainWindow main_window; + private static IdentityManagerApp parent_app; private static MoonshotServer instance = null; - public static void start (Gtk.Window window) + public static void start (IdentityManagerApp app) { - main_window = (MainWindow) window; + parent_app = app; Rpc.server_start (MoonshotRpcInterface.spec, "/org/janet/Moonshot", Rpc.Flags.PER_USER); } @@ -195,7 +292,7 @@ public class MoonshotServer : Object { { bool result = false; - var request = new IdentityRequest (main_window, + var request = new IdentityRequest (parent_app, nai, password, service); 
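Review bot: In the rewritten `install_id_card` of the `@@ -77,79 +133,120 @@` hunk, both `idcard.store_password = true` and the new `force_flat_file_store` argument are driven entirely by the D-Bus caller, so any peer that can reach `org.janet.Moonshot` decides whether a password is persisted and, presumably, which backing store receives it, along with the trust anchor it supplies. Nothing visible checks that choice against local policy or asks the user; part of this hunk is lost in the rendering, so a confirmation step may exist in the missing lines. I would document the contract above the method, e.g. `// force_flat_file_store: non-zero requests the flat-file store; the value comes from the D-Bus peer and should not override local policy unconfirmed`. The parameter is `int` here but `bool` in the MSRPC `install_id_card` in the last hunk; one type across both transports would be clearer.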
@@ -220,11 +317,14 @@ public class MoonshotServer : Object { var id_card = request.id_card; - if (id_card == null) { + if (id_card != null) { // The strings are freed by the RPC runtime nai_out = id_card.nai; password_out = id_card.password; - server_certificate_hash = "certificate"; + server_certificate_hash = id_card.trust_anchor.server_cert; + ca_certificate = id_card.trust_anchor.ca_cert; + subject_name_constraint = id_card.trust_anchor.subject; + subject_alt_name_constraint = id_card.trust_anchor.subject_alt; return_if_fail (nai_out != null); return_if_fail (password_out != null); @@ -257,7 +357,7 @@ public class MoonshotServer : Object { { bool result; - var request = new IdentityRequest.default (main_window); + var request = new IdentityRequest.default (parent_app); request.mutex = new Mutex (); request.cond = new Cond (); request.set_callback (return_identity_cb); 
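Review bot: The corrected condition in the `@@ -220,11 +317,14 @@` hunk returns credentials for any non-null card, without the `id_card.display_name != IdCard.NO_IDENTITY` test that the D-Bus `get_identity` gains in this same commit, so the no-identity placeholder card would presumably be handed back over MSRPC as a real identity. I would make the two transports agree with `if ((id_card != null) && (id_card.display_name != IdCard.NO_IDENTITY)) {`. The four trust-anchor out strings are also passed to the RPC runtime unchecked, while only `nai_out` and `password_out` are covered by `return_if_fail`; the D-Bus path normalises all six to `""`. The enclosing function starts and ends outside this hunk.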
@@ -313,6 +413,65 @@ public class MoonshotServer : Object { request.cond.wait (request.mutex); request.mutex.unlock (); } + + [CCode (cname = "moonshot_install_id_card_rpc")] + public static bool install_id_card (string display_name, + string user_name, + string password, + string realm, + string[] rules_patterns, + string[] rules_always_confirm, + string[] services, + string ca_cert, + string subject, + string subject_alt, + string server_cert, + bool force_flat_file_store) + { + IdCard idcard = new IdCard (); + bool success = false; + Mutex mutex = new Mutex(); + Cond cond = new Cond(); + + idcard.display_name = display_name; + idcard.username = user_name; + idcard.password = password; + idcard.issuer = realm; + idcard.services = services; + idcard.trust_anchor.ca_cert = ca_cert; + idcard.trust_anchor.subject = subject; + idcard.trust_anchor.subject_alt = subject_alt; + idcard.trust_anchor.server_cert = server_cert; + + if (rules_patterns.length == rules_always_confirm.length) + { + idcard.rules = new Rule[rules_patterns.length]; + + for (int i=0; i { + mutex.lock (); + success = parent_app.add_identity (idcard, force_flat_file_store); + cond.signal (); + mutex.unlock (); + return false; + }); + + cond.wait (mutex); + mutex.unlock (); + + return success; + } + } + #endif
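Review bot: `cond.wait (mutex)` near the end of the new MSRPC `install_id_card` is called once with no predicate, so a spurious wake-up lets the method return `success` before the idle callback has run `parent_app.add_identity`. GLib condition variables need a flag checked in a loop: declare `bool done = false;`, set `done = true;` in the callback before `cond.signal ();`, and wait with `while (!done) cond.wait (mutex);`. The `mutex.lock ()` that pairs with the final `mutex.unlock ()` is not visible because part of this hunk is lost in the rendering, so confirm it is taken before the callback is scheduled. This variant also never sets `idcard.store_password`, unlike the D-Bus `install_id_card` earlier in the commit.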