// D-Bus flavour of the Moonshot identity service. The attribute below exports
// this class under the interface name org.janet.Moonshot.
3 [DBus (name = "org.janet.Moonshot")]
4 public class MoonshotServer : Object {
// Application object that the exported methods delegate to.
6 private IdentityManagerApp parent_app;
// Stores the application handle; no other work is visible in the constructor.
8 public MoonshotServer (IdentityManagerApp app)
10 this.parent_app = app;
// NOTE(review): the signature of the method containing the next two lines is
// not part of this listing, and lines between them are missing. What is visible:
// it tests whether the app has a view and sets explicitly_launched to true.
15 if (parent_app.view == null) {
19 parent_app.explicitly_launched = true;
// Exported method: resolve an identity for the given NAI and return its
// credentials and trust-anchor fields through the out parameters.
//
// Security: this hands the card's password (or the one carried by the request)
// back to the caller in clear text. No caller check is visible in this method.
// NOTE(review): any user confirmation or service matching presumably happens
// inside IdentityRequest, which is not shown here — confirm before relying on it.
23 public async bool get_identity (string nai,
27 out string password_out,
28 out string server_certificate_hash,
29 out string ca_certificate,
30 out string subject_name_constraint,
31 out string subject_alt_name_constraint)
33 var request = new IdentityRequest (parent_app,
// The request callback resumes this coroutine; the yield point itself is on a
// line not shown in this listing.
37 request.set_callback ((IdentityRequest) => get_identity.callback());
// Outputs start as empty strings so every path leaves them assigned.
43 server_certificate_hash = "";
45 subject_name_constraint = "";
46 subject_alt_name_constraint = "";
48 var id_card = request.id_card;
// A card whose display name equals IdCard.NO_IDENTITY is treated like no selection.
50 if ((id_card != null) && (id_card.display_name != IdCard.NO_IDENTITY)) {
51 nai_out = id_card.nai;
// A non-empty password on the request is used; line 55 assigns the stored one
// (the line between them is not shown, presumably an `else`).
52 if ((request.password!=null) && (request.password != ""))
53 password_out = request.password;
55 password_out = id_card.password;
// Trust-anchor fields are copied verbatim from the card.
57 server_certificate_hash = id_card.trust_anchor.server_cert;
58 ca_certificate = id_card.trust_anchor.ca_cert;
59 subject_name_constraint = id_card.trust_anchor.subject;
60 subject_alt_name_constraint = id_card.trust_anchor.subject_alt;
// Null card fields are replaced with "" — presumably because D-Bus string
// arguments cannot carry null.
64 if (password_out == null)
66 if (server_certificate_hash == null)
67 server_certificate_hash = "";
68 if (ca_certificate == null)
70 if (subject_name_constraint == null)
71 subject_name_constraint = "";
72 if (subject_alt_name_constraint == null)
73 subject_alt_name_constraint = "";
// Exported method: return the default identity's NAI, password and trust-anchor
// fields through the out parameters.
//
// Security: the stored password is returned to the caller in clear text and no
// caller check is visible in this method. NOTE(review): confirm that
// IdentityRequest.default (not shown) gates the release.
81 public async bool get_default_identity (out string nai_out,
82 out string password_out,
83 out string server_certificate_hash,
84 out string ca_certificate,
85 out string subject_name_constraint,
86 out string subject_alt_name_constraint)
88 var request = new IdentityRequest.default (parent_app);
// The request callback resumes this coroutine.
89 request.set_callback ((IdentityRequest) => get_default_identity.callback());
95 server_certificate_hash = "";
97 subject_name_constraint = "";
98 subject_alt_name_constraint = "";
// NOTE(review): only null is checked here, whereas get_identity also rejects a
// card whose display_name is IdCard.NO_IDENTITY — confirm the difference is intended.
100 if (request.id_card != null)
102 nai_out = request.id_card.nai;
103 password_out = request.id_card.password;
105 server_certificate_hash = request.id_card.trust_anchor.server_cert;
106 ca_certificate = request.id_card.trust_anchor.ca_cert;
107 subject_name_constraint = request.id_card.trust_anchor.subject;
108 subject_alt_name_constraint = request.id_card.trust_anchor.subject_alt;
// Null card fields are replaced with "" before returning.
112 if (password_out == null)
114 if (server_certificate_hash == null)
115 server_certificate_hash = "";
116 if (ca_certificate == null)
118 if (subject_name_constraint == null)
119 subject_name_constraint = "";
120 if (subject_alt_name_constraint == null)
121 subject_alt_name_constraint = "";
// Exported method: build an IdCard from caller-supplied fields and pass it to
// parent_app.add_identity.
//
// Security: the caller supplies the trust anchor (CA cert, subject, subject alt,
// server cert) together with the credentials, so whoever can call this method
// chooses what the new card will later be validated against. No validation of
// these values is visible here. NOTE(review): confirm that add_identity (not
// shown) asks the user before persisting the card.
129 public bool install_id_card (string display_name,
133 string[] ?rules_patterns,
134 string[] ?rules_always_confirm,
140 int force_flat_file_store)
142 IdCard idcard = new IdCard ();
144 idcard.display_name = display_name;
145 idcard.username = user_name;
146 idcard.password = password;
// The password is flagged for storage only when a non-empty one was supplied.
147 if ((password != null) && (password != ""))
148 idcard.store_password = true;
149 idcard.issuer = realm;
150 idcard.services = services;
151 idcard.trust_anchor.ca_cert = ca_cert;
152 idcard.trust_anchor.subject = subject;
153 idcard.trust_anchor.subject_alt = subject_alt;
154 idcard.trust_anchor.server_cert = server_cert;
// Rules are built only when the two parallel arrays have equal length.
// NOTE(review): no else branch is visible in this listing, so a length mismatch
// appears to install the card with no rules at all rather than reject it.
156 if (rules_patterns.length == rules_always_confirm.length)
158 idcard.rules = new Rule[rules_patterns.length];
160 for (int i=0; i<idcard.rules.length; i++)
162 idcard.rules[i].pattern = rules_patterns[i];
163 idcard.rules[i].always_confirm = rules_always_confirm[i];
// Any non-zero force_flat_file_store is passed on as true.
167 return parent_app.add_identity (idcard, force_flat_file_store!=0);
// Exported method: parse a provisioning file and install each card it yields
// through install_id_card; returns the installed_cards counter.
//
// Security: file_name comes from the caller and goes straight to
// WebProvisioning.Parser. No restriction on the path and no check of the file's
// origin is visible in this method, and the parsed cards carry their own trust
// anchors (see the install_id_card arguments below).
171 public int install_from_file (string file_name)
173 var webp = new WebProvisioning.Parser (file_name);
177 int installed_cards = 0;
// NOTE(review): cards are read from WebProvisioning.cards rather than from webp,
// which looks like shared state — confirm it is reset for each parse so cards
// from an earlier file cannot be installed again.
178 foreach (IdCard card in WebProvisioning.cards)
180 string[] rules_patterns = {};
181 string[] rules_always_confirm = {};
// Flatten the card's rules into the two parallel arrays install_id_card expects;
// the declaration of index i is on a line not shown in this listing.
183 if (card.rules.length > 0)
186 rules_patterns = new string[card.rules.length];
187 rules_always_confirm = new string[card.rules.length];
188 foreach (Rule r in card.rules)
190 rules_patterns[i] = r.pattern;
191 rules_always_confirm[i] = r.always_confirm;
196 result = install_id_card (card.display_name,
201 rules_always_confirm,
203 card.trust_anchor.ca_cert,
204 card.trust_anchor.subject,
205 card.trust_anchor.subject_alt,
206 card.trust_anchor.server_cert,
// The lines that update installed_cards from result are not shown in this listing.
212 return installed_cards;
220 using MoonshotRpcInterface;
222 /* This class must be a singleton, because we use a global RPC
223 * binding handle. I cannot picture a situation where more than
224 * one instance of the same interface would be needed so this
225 * shouldn't be a problem.
227 * Shutdown is automatically done by the RPC runtime when the
// RPC flavour of the server: state is static and the class is used through a
// single lazily created instance.
230 public class MoonshotServer : Object {
231 private static IdentityManagerApp parent_app;
233 private static MoonshotServer instance = null;
// Starts the RPC server for MoonshotRpcInterface.spec on the endpoint
// "/org/janet/Moonshot".
// NOTE(review): Rpc.Flags.PER_USER presumably scopes the endpoint to the current
// user — confirm against the Rpc binding, since the methods served here return
// passwords.
235 public static void start (IdentityManagerApp app)
238 Rpc.server_start (MoonshotRpcInterface.spec, "/org/janet/Moonshot", Rpc.Flags.PER_USER);
// Creates the instance on first use. No locking is visible around the null check.
241 public static MoonshotServer get_instance ()
243 if (instance == null)
244 instance = new MoonshotServer ();
// RPC entry point, exposed to C as moonshot_get_identity_rpc. It queues the
// request on the main loop, blocks until the request is complete, writes the
// outputs and then completes the call.
248 [CCode (cname = "moonshot_get_identity_rpc")]
249 public static void get_identity (Rpc.AsyncCall call,
254 ref string password_out,
255 ref string server_certificate_hash,
256 ref string ca_certificate,
257 ref string subject_name_constraint,
258 ref string subject_alt_name_constraint)
262 var request = new IdentityRequest (parent_app,
267 // Pass execution to the main loop and block the RPC thread
268 request.mutex = new Mutex ();
269 request.cond = new Cond ();
270 request.set_callback (return_identity_cb);
// The mutex is taken before the request is queued and is held (except while
// waiting on the condition) until the unlock on line 310.
272 request.mutex.lock ();
273 Idle.add (request.execute);
275 while (request.complete == false)
276 request.cond.wait (request.mutex);
280 server_certificate_hash = "";
282 subject_name_constraint = "";
283 subject_alt_name_constraint = "";
285 var id_card = request.id_card;
287 if (id_card != null) {
288 // The strings are freed by the RPC runtime
289 nai_out = id_card.nai;
290 password_out = id_card.password;
// NOTE(review): the hash is set to the literal "certificate" and no
// id_card.trust_anchor field is copied in the visible lines, so a client on this
// transport receives no usable trust anchor for validating the server.
291 server_certificate_hash = "certificate";
// NOTE(review): return_if_fail returns from this function at once. That skips
// call.return, cond.signal and mutex.unlock below, so a card with a null nai or
// password would leave request.mutex locked and the main loop thread waiting in
// return_identity_cb. Consider defaulting to "" instead of returning early.
293 return_if_fail (nai_out != null);
294 return_if_fail (password_out != null);
295 return_if_fail (server_certificate_hash != null);
296 return_if_fail (ca_certificate != null);
297 return_if_fail (subject_name_constraint != null);
298 return_if_fail (subject_alt_name_constraint != null);
303 // The outputs must be set before this function is called. For this
304 // reason they are 'ref' not 'out' parameters - Vala assigns to the
305 // 'out' parameters only at the end of the function, which is too
307 call.return (&result);
// Wake the main loop thread blocked in return_identity_cb, then release the mutex.
309 request.cond.signal ();
310 request.mutex.unlock ();
// RPC entry point, exposed to C as moonshot_get_default_identity_rpc. It queues
// a default-identity request on the main loop, blocks until it is complete,
// writes the outputs and then completes the call.
313 [CCode (cname = "moonshot_get_default_identity_rpc")]
314 public static void get_default_identity (Rpc.AsyncCall call,
316 ref string password_out,
317 ref string server_certificate_hash,
318 ref string ca_certificate,
319 ref string subject_name_constraint,
320 ref string subject_alt_name_constraint)
324 var request = new IdentityRequest.default (parent_app);
325 request.mutex = new Mutex ();
326 request.cond = new Cond ();
327 request.set_callback (return_identity_cb);
// The mutex is held from here (except while waiting on the condition) until the
// unlock on line 365.
329 request.mutex.lock ();
330 Idle.add (request.execute);
332 while (request.complete == false)
333 request.cond.wait (request.mutex);
337 server_certificate_hash = "";
339 subject_name_constraint = "";
340 subject_alt_name_constraint = "";
342 if (request.id_card != null)
344 nai_out = request.id_card.nai;
345 password_out = request.id_card.password;
// NOTE(review): placeholder literal; the card's trust_anchor fields are not
// copied in the visible lines, so the caller gets no usable trust anchor.
346 server_certificate_hash = "certificate";
// NOTE(review): an early return from return_if_fail skips call.return,
// cond.signal and mutex.unlock below, leaving the mutex locked and the main loop
// thread waiting in return_identity_cb.
348 return_if_fail (nai_out != null);
349 return_if_fail (password_out != null);
350 return_if_fail (server_certificate_hash != null);
351 return_if_fail (ca_certificate != null);
352 return_if_fail (subject_name_constraint != null);
353 return_if_fail (subject_alt_name_constraint != null);
362 call.return (&result);
// Wake the main loop thread blocked in return_identity_cb, then release the mutex.
364 request.cond.signal ();
365 request.mutex.unlock ();
368 // Called from the main loop thread when an identity has
// Installed as the request callback by both RPC entry points. It signals the
// waiting RPC thread and then waits on the same condition until that thread
// signals back.
370 static void return_identity_cb (IdentityRequest request) {
371 // Notify the RPC thread that the request is complete
372 request.mutex.lock ();
373 request.cond.signal ();
375 // Block the main loop until the RPC call has returned
376 // to avoid any races
// NOTE(review): this wait is not wrapped in a predicate loop. GLib condition
// waits may wake spuriously, which would let the main loop resume before the RPC
// thread has returned. It also never returns if the RPC thread exits without
// signalling.
377 request.cond.wait (request.mutex);
378 request.mutex.unlock ();
381 [CCode (cname = "moonshot_install_id_card_rpc")]
382 public static bool install_id_card (string display_name,
386 string[] rules_patterns,
387 string[] rules_always_confirm,
393 bool force_flat_file_store)
395 IdCard idcard = new IdCard ();
396 bool success = false;
397 Mutex mutex = new Mutex();
398 Cond cond = new Cond();
400 idcard.display_name = display_name;
401 idcard.username = user_name;
402 idcard.password = password;
403 idcard.issuer = realm;
404 idcard.services = services;
405 idcard.trust_anchor.ca_cert = ca_cert;
406 idcard.trust_anchor.subject = subject;
407 idcard.trust_anchor.subject_alt = subject_alt;
408 idcard.trust_anchor.server_cert = server_cert;
410 if (rules_patterns.length == rules_always_confirm.length)
412 idcard.rules = new Rule[rules_patterns.length];
414 for (int i=0; i<idcard.rules.length; i++)
416 idcard.rules[i].pattern = rules_patterns[i];
417 idcard.rules[i].always_confirm = rules_always_confirm[i];
423 // Defer addition to the main loop thread.
426 success = parent_app.add_identity (idcard, force_flat_file_store);