libmoonshot/libmoonshot-dbus.c

   1 /* libmoonshot - Moonshot client library
   2  * Copyright (c) 2011, JANET(UK)
   3  * All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  *
   9  * 1. Redistributions of source code must retain the above copyright
  10  *    notice, this list of conditions and the following disclaimer.
  11  *
  12  * 2. Redistributions in binary form must reproduce the above copyright
  13  *    notice, this list of conditions and the following disclaimer in the
  14  *    documentation and/or other materials provided with the distribution.
  15  *
  16  * 3. Neither the name of JANET(UK) nor the names of its contributors
  17  *    may be used to endorse or promote products derived from this software
  18  *    without specific prior written permission.
  19  *
  20  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
  21  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  22  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  23  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
  24  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  25  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  26  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  28  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  29  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  30  * SUCH DAMAGE.
  31  *
  32  * Author: Sam Thursfield <samthursfield@codethink.co.uk>
  33  */
  34
  35 #include <assert.h>
  36 #include <string.h>
  37 #include <unistd.h>
  38 #include <dbus/dbus-glib.h>
  39 #include <dbus/dbus.h>
  40 #include <dbus/dbus-glib-lowlevel.h>
  41 #include <glib/gspawn.h>
  42
  43
  44 #include "libmoonshot.h"
  45 #include "libmoonshot-common.h"
  46
  47 /*30 days in ms*/
  48 #define INFINITE_TIMEOUT 10*24*60*60*1000
  49
  50 #define MOONSHOT_DBUS_NAME "org.janet.Moonshot"
  51 #define MOONSHOT_DBUS_PATH "/org/janet/moonshot"
  52
  53 /* This library is overly complicated currently due to the requirement
  54  * that it work on Debian Squeeze - this has GLib 2.24 which requires us
  55  * to use dbus-glib instead of GDBus. If/when this requirement is
  56  * dropped the DBus version of the library can be greatly simplified.
  57  */
  58
  59 /* Note that ideally this library would not depend on GLib. This would be
  60  * possible using libdbus directly and running our own message loop while
  61  * waiting for calls.
  62  */
  63
  64 void moonshot_free (void *data)
  65 {
  66     g_free (data);
  67 }
  68 static char *moonshot_launch_argv[] = {
  69   MOONSHOT_LAUNCH_SCRIPT, NULL
  70 };
  71
  72 static DBusGConnection *dbus_launch_moonshot()
  73 {
  74     DBusGConnection *connection = NULL;
  75     GError *error = NULL;
  76     DBusError dbus_error;
  77     GPid child_pid;
  78     gint fd_stdin = -1, fd_stdout = -1;
  79     ssize_t addresslen;
  80     dbus_error_init(&dbus_error);
  81     char dbus_address[1024];
  82
  83     if (g_spawn_async_with_pipes( NULL /*cwd*/,
  84                                   moonshot_launch_argv, NULL /*environ*/,
  85                                   0 /*flags*/, NULL /*setup*/, NULL,
  86                                   &child_pid, &fd_stdin, &fd_stdout,
  87                                   NULL /*stderr*/, NULL /*error*/) == 0 ) {
  88       return NULL;
  89     }
  90
  91     addresslen = read( fd_stdout, dbus_address, sizeof dbus_address);
  92     close(fd_stdout);
  93     /* we require at least 2 octets of address because we trim the newline*/
  94     if (addresslen <= 1) {
  95     fail: dbus_error_free(&dbus_error);
  96       if (connection != NULL)
  97         dbus_g_connection_unref(connection);
  98       close(fd_stdin);
  99       g_spawn_close_pid(child_pid);
 100       return NULL;
 101     }
 102     dbus_address[addresslen-1] = '\0';
 103     connection = dbus_g_connection_open(dbus_address, &error);
 104     if (error) {
 105       g_error_free(error);
 106       goto fail;
 107     }
 108     if (!dbus_bus_register(dbus_g_connection_get_connection(connection),
 109                            &dbus_error))
 110       goto fail;
 111         return connection;
 112 }
 113
 114
 115 static DBusGProxy *dbus_connect (MoonshotError **error)
 116 {
 117     DBusConnection  *dbconnection;
 118     DBusError        dbus_error;
 119     DBusGConnection *connection;
 120     DBusGProxy      *g_proxy;
 121     GError          *g_error = NULL;
 122     dbus_bool_t      name_has_owner;
 123
 124     g_return_val_if_fail (*error == NULL, NULL);
 125
 126     dbus_error_init (&dbus_error);
 127
 128     /* Check for moonshot server and start the service if possible. We use
 129      * libdbus here because dbus-glib doesn't handle autostarting the service.
 130      * If/when we move to GDBus this code can become a one-liner.
 131      */
 132
 133     connection = dbus_g_bus_get (DBUS_BUS_SESSION, &g_error);
 134
 135     if (g_error_matches(g_error, DBUS_GERROR, DBUS_GERROR_NOT_SUPPORTED)) {
 136       /*Generally this means autolaunch failed because probably DISPLAY is unset*/
 137       connection = dbus_launch_moonshot();
 138       if (connection != NULL) {
 139         g_error_free(g_error);
 140         g_error = NULL;
 141       }
 142     }
 143
 144     if (g_error != NULL) {
 145       *error = moonshot_error_new (MOONSHOT_ERROR_IPC_ERROR,
 146                                    "DBus error: %s",
 147                                    g_error->message);
 148       g_error_free (g_error);
 149         return NULL;
 150     }
 151
 152     dbconnection = dbus_g_connection_get_connection(connection);
 153     name_has_owner  = dbus_bus_name_has_owner (dbconnection,
 154                                                MOONSHOT_DBUS_NAME,
 155                                                &dbus_error);
 156
 157     if (dbus_error_is_set (&dbus_error)) {
 158         *error = moonshot_error_new (MOONSHOT_ERROR_IPC_ERROR,
 159                                      "DBus error: %s",
 160                                      dbus_error.message);
 161         dbus_error_free (&dbus_error);
 162         return NULL;
 163     }
 164
 165     if (! name_has_owner) {
 166         dbus_bus_start_service_by_name (dbconnection,
 167                                         MOONSHOT_DBUS_NAME,
 168                                         0,
 169                                         NULL,
 170                                         &dbus_error);
 171
 172         if (dbus_error_is_set (&dbus_error)) {
 173             if (strcmp (dbus_error.name + 27, "ServiceUnknown") == 0) {
 174                 /* Missing .service file; the moonshot-ui install is broken */
 175                 *error = moonshot_error_new (MOONSHOT_ERROR_UNABLE_TO_START_SERVICE,
 176                                              "The Moonshot service was not found. "
 177                                              "Please make sure that moonshot-ui is "
 178                                              "correctly installed.");
 179             } else {
 180                 *error = moonshot_error_new (MOONSHOT_ERROR_IPC_ERROR,
 181                                              "DBus error: %s",
 182                                              dbus_error.message);
 183             }
 184             dbus_error_free (&dbus_error);
 185             return NULL;
 186         }
 187     }
 188
 189     /* Now the service should be running */
 190     g_error = NULL;
 191
 192     g_proxy = dbus_g_proxy_new_for_name_owner (connection,
 193                                                MOONSHOT_DBUS_NAME,
 194                                                MOONSHOT_DBUS_PATH,
 195                                                MOONSHOT_DBUS_NAME,
 196                                                &g_error);
 197
 198     if (g_error != NULL) {
 199         *error = moonshot_error_new (MOONSHOT_ERROR_IPC_ERROR,
 200                                      "DBus error: %s",
 201                                      g_error->message);
 202         g_error_free (g_error);
 203         return NULL;
 204     }
 205
 206     return g_proxy;
 207 }
 208
 209 static DBusGProxy *get_dbus_proxy (MoonshotError **error)
 210 {
 211     static DBusGProxy    *dbus_proxy = NULL;
 212     static GStaticMutex   init_lock = G_STATIC_MUTEX_INIT;
 213
 214     g_static_mutex_lock (&init_lock);
 215
 216     if (dbus_proxy == NULL) {
 217         /* Make sure GObject is initialised, in case we are the only user
 218          * of GObject in the process
 219          */
 220         g_type_init ();
 221         dbus_proxy = dbus_connect (error);
 222     }
 223
 224     if (dbus_proxy != NULL)
 225         g_object_ref (dbus_proxy);
 226
 227     g_static_mutex_unlock (&init_lock);
 228
 229     return dbus_proxy;
 230 }
 231
 232 int moonshot_get_identity (const char     *nai,
 233                            const char     *password,
 234                            const char     *service,
 235                            char          **nai_out,
 236                            char          **password_out,
 237                            char          **server_certificate_hash_out,
 238                            char          **ca_certificate_out,
 239                            char          **subject_name_constraint_out,
 240                            char          **subject_alt_name_constraint_out,
 241                            MoonshotError **error)
 242 {
 243     GError     *g_error = NULL;
 244     DBusGProxy *dbus_proxy;
 245     int         success;
 246
 247     dbus_proxy = get_dbus_proxy (error);
 248
 249     if (*error != NULL)
 250         return FALSE;
 251
 252     g_return_val_if_fail (DBUS_IS_G_PROXY (dbus_proxy), FALSE);
 253
 254     dbus_g_proxy_call_with_timeout (dbus_proxy,
 255                        "GetIdentity",
 256                                     INFINITE_TIMEOUT,
 257                                     &g_error,
 258                        G_TYPE_STRING, nai,
 259                        G_TYPE_STRING, password,
 260                        G_TYPE_STRING, service,
 261                        G_TYPE_INVALID,
 262                        G_TYPE_STRING, nai_out,
 263                        G_TYPE_STRING, password_out,
 264                        G_TYPE_STRING, server_certificate_hash_out,
 265                        G_TYPE_STRING, ca_certificate_out,
 266                        G_TYPE_STRING, subject_name_constraint_out,
 267                        G_TYPE_STRING, subject_alt_name_constraint_out,
 268                        G_TYPE_BOOLEAN, &success,
 269                        G_TYPE_INVALID);
 270
 271     g_object_unref (dbus_proxy);
 272
 273     if (g_error != NULL) {
 274         *error = moonshot_error_new (MOONSHOT_ERROR_IPC_ERROR,
 275                                      g_error->message);
 276         return FALSE;
 277     }
 278
 279     if (success == FALSE) {
 280         *error = moonshot_error_new (MOONSHOT_ERROR_NO_IDENTITY_SELECTED,
 281                                      "No identity was returned by the Moonshot "
 282                                      "user interface.");
 283         return FALSE;
 284     }
 285
 286     return TRUE;
 287 }
 288
 289 int moonshot_get_default_identity (char          **nai_out,
 290                                    char          **password_out,
 291                                    char          **server_certificate_hash_out,
 292                                    char          **ca_certificate_out,
 293                                    char          **subject_name_constraint_out,
 294                                    char          **subject_alt_name_constraint_out,
 295                                    MoonshotError **error)
 296 {
 297     GError     *g_error = NULL;
 298     DBusGProxy *dbus_proxy;
 299     int         success = FALSE;
 300
 301     dbus_proxy = get_dbus_proxy (error);
 302
 303     if (*error != NULL)
 304         return FALSE;
 305
 306     g_return_val_if_fail (DBUS_IS_G_PROXY (dbus_proxy), FALSE);
 307
 308     dbus_g_proxy_call_with_timeout (dbus_proxy,
 309                        "GetDefaultIdentity",
 310                                     INFINITE_TIMEOUT,
 311                        &g_error,
 312                        G_TYPE_INVALID,
 313                        G_TYPE_STRING, nai_out,
 314                        G_TYPE_STRING, password_out,
 315                        G_TYPE_STRING, server_certificate_hash_out,
 316                        G_TYPE_STRING, ca_certificate_out,
 317                        G_TYPE_STRING, subject_name_constraint_out,
 318                        G_TYPE_STRING, subject_alt_name_constraint_out,
 319                        G_TYPE_BOOLEAN, &success,
 320                        G_TYPE_INVALID);
 321
 322     g_object_unref (dbus_proxy);
 323
 324     if (g_error != NULL) {
 325         *error = moonshot_error_new (MOONSHOT_ERROR_IPC_ERROR,
 326                                      g_error->message);
 327         return FALSE;
 328     }
 329
 330     if (success == FALSE) {
 331         *error = moonshot_error_new (MOONSHOT_ERROR_NO_IDENTITY_SELECTED,
 332                                      "No identity was returned by the Moonshot "
 333                                      "user interface.");
 334         return FALSE;
 335     }
 336
 337     return TRUE;
 338 }
 339
 340 int moonshot_install_id_card (const char     *display_name,
 341                               const char     *user_name,
 342                               const char     *password,
 343                               const char     *realm,
 344                               char           *rules_patterns[],
 345                               int             rules_patterns_length,
 346                               char           *rules_always_confirm[],
 347                               int             rules_always_confirm_length,
 348                               char           *services[],
 349                               int             services_length,
 350                               const char     *ca_cert,
 351                               const char     *subject,
 352                               const char     *subject_alt,
 353                               const char     *server_cert,
 354                               int            force_flat_file_store,
 355                               MoonshotError **error)
 356 {
 357     GError      *g_error = NULL;
 358     DBusGProxy  *dbus_proxy;
 359     int          success = FALSE;
 360     int          i;
 361     const char **rules_patterns_strv,
 362                **rules_always_confirm_strv,
 363                **services_strv;
 364
 365     dbus_proxy = get_dbus_proxy (error);
 366
 367     if (*error != NULL)
 368         return FALSE;
 369
 370     g_return_val_if_fail (DBUS_IS_G_PROXY (dbus_proxy), FALSE);
 371     g_return_val_if_fail (rules_patterns_length == rules_always_confirm_length, FALSE);
 372
 373     /* Marshall array and struct parameters for DBus */
 374     rules_patterns_strv = g_malloc ((rules_patterns_length + 1) * sizeof (const char *));
 375     rules_always_confirm_strv = g_malloc ((rules_patterns_length + 1) * sizeof (const char *));
 376     services_strv = g_malloc ((services_length + 1) * sizeof (const char *));
 377
 378     for (i = 0; i < rules_patterns_length; i ++) {
 379         rules_patterns_strv[i] = rules_patterns[i];
 380         rules_always_confirm_strv[i] = rules_always_confirm[i];
 381     }
 382
 383     for (i = 0; i < services_length; i ++)
 384         services_strv[i] = services[i];
 385
 386     rules_patterns_strv[rules_patterns_length] = NULL;
 387     rules_always_confirm_strv[rules_patterns_length] = NULL;
 388     services_strv[services_length] = NULL;
 389
 390     dbus_g_proxy_call (dbus_proxy,
 391                        "InstallIdCard",
 392                        &g_error,
 393                        G_TYPE_STRING, display_name,
 394                        G_TYPE_STRING, user_name,
 395                        G_TYPE_STRING, password,
 396                        G_TYPE_STRING, realm,
 397                        G_TYPE_STRV, rules_patterns_strv,
 398                        G_TYPE_STRV, rules_always_confirm_strv,
 399                        G_TYPE_STRV, services_strv,
 400                        G_TYPE_STRING, ca_cert,
 401                        G_TYPE_STRING, subject,
 402                        G_TYPE_STRING, subject_alt,
 403                        G_TYPE_STRING, server_cert,
 404                        G_TYPE_INT, force_flat_file_store,
 405                        G_TYPE_INVALID,
 406                        G_TYPE_BOOLEAN, &success,
 407                        G_TYPE_INVALID);
 408
 409     g_object_unref (dbus_proxy);
 410
 411     if (g_error != NULL) {
 412         *error = moonshot_error_new (MOONSHOT_ERROR_IPC_ERROR,
 413                                      g_error->message);
 414         return FALSE;
 415     }
 416
 417     return success;
 418 }