3 [DBus (name = "org.janet.Moonshot")]
4 public class MoonshotServer : Object {
6 private IdentityManagerApp parent_app;
8 public MoonshotServer (IdentityManagerApp app)
10 this.parent_app = app;
15 if (parent_app.view == null) {
19 parent_app.explicitly_launched = true;
23 public async bool get_identity (string nai,
27 out string password_out,
28 out string server_certificate_hash,
29 out string ca_certificate,
30 out string subject_name_constraint,
31 out string subject_alt_name_constraint)
33 var request = new IdentityRequest (parent_app,
37 request.set_callback ((IdentityRequest) => get_identity.callback());
43 server_certificate_hash = "";
45 subject_name_constraint = "";
46 subject_alt_name_constraint = "";
48 var id_card = request.id_card;
50 if ((id_card != null) && (id_card.display_name != IdCard.NO_IDENTITY)) {
51 nai_out = id_card.nai;
52 password_out = id_card.password;
54 server_certificate_hash = id_card.trust_anchor.server_cert;
55 ca_certificate = id_card.trust_anchor.ca_cert;
56 subject_name_constraint = id_card.trust_anchor.subject;
57 subject_alt_name_constraint = id_card.trust_anchor.subject_alt;
61 if (password_out == null)
63 if (server_certificate_hash == null)
64 server_certificate_hash = "";
65 if (ca_certificate == null)
67 if (subject_name_constraint == null)
68 subject_name_constraint = "";
69 if (subject_alt_name_constraint == null)
70 subject_alt_name_constraint = "";
78 public async bool get_default_identity (out string nai_out,
79 out string password_out,
80 out string server_certificate_hash,
81 out string ca_certificate,
82 out string subject_name_constraint,
83 out string subject_alt_name_constraint)
85 var request = new IdentityRequest.default (parent_app);
86 request.set_callback ((IdentityRequest) => get_default_identity.callback());
92 server_certificate_hash = "";
94 subject_name_constraint = "";
95 subject_alt_name_constraint = "";
97 if (request.id_card != null)
99 nai_out = request.id_card.nai;
100 password_out = request.id_card.password;
102 server_certificate_hash = request.id_card.trust_anchor.server_cert;
103 ca_certificate = request.id_card.trust_anchor.ca_cert;
104 subject_name_constraint = request.id_card.trust_anchor.subject;
105 subject_alt_name_constraint = request.id_card.trust_anchor.subject_alt;
109 if (password_out == null)
111 if (server_certificate_hash == null)
112 server_certificate_hash = "";
113 if (ca_certificate == null)
115 if (subject_name_constraint == null)
116 subject_name_constraint = "";
117 if (subject_alt_name_constraint == null)
118 subject_alt_name_constraint = "";
126 public bool install_id_card (string display_name,
130 string[] ?rules_patterns,
131 string[] ?rules_always_confirm,
137 int force_flat_file_store)
139 IdCard idcard = new IdCard ();
141 idcard.display_name = display_name;
142 idcard.username = user_name;
143 idcard.password = password;
144 if ((password != null) && (password != ""))
145 idcard.store_password = true;
146 idcard.issuer = realm;
147 idcard.services = services;
148 idcard.trust_anchor.ca_cert = ca_cert;
149 idcard.trust_anchor.subject = subject;
150 idcard.trust_anchor.subject_alt = subject_alt;
151 idcard.trust_anchor.server_cert = server_cert;
153 if (rules_patterns.length == rules_always_confirm.length)
155 idcard.rules = new Rule[rules_patterns.length];
157 for (int i=0; i<idcard.rules.length; i++)
159 idcard.rules[i].pattern = rules_patterns[i];
160 idcard.rules[i].always_confirm = rules_always_confirm[i];
164 return parent_app.add_identity (idcard, force_flat_file_store!=0);
168 public int install_from_file (string file_name)
170 var webp = new WebProvisioning.Parser (file_name);
174 int installed_cards = 0;
175 foreach (IdCard card in WebProvisioning.cards)
177 string[] rules_patterns = {};
178 string[] rules_always_confirm = {};
180 if (card.rules.length > 0)
183 rules_patterns = new string[card.rules.length];
184 rules_always_confirm = new string[card.rules.length];
185 foreach (Rule r in card.rules)
187 rules_patterns[i] = r.pattern;
188 rules_always_confirm[i] = r.always_confirm;
193 result = install_id_card (card.display_name,
198 rules_always_confirm,
200 card.trust_anchor.ca_cert,
201 card.trust_anchor.subject,
202 card.trust_anchor.subject_alt,
203 card.trust_anchor.server_cert,
209 return installed_cards;
217 using MoonshotRpcInterface;
219 /* This class must be a singleton, because we use a global RPC
220 * binding handle. I cannot picture a situation where more than
221 * one instance of the same interface would be needed so this
222 * shouldn't be a problem.
224 * Shutdown is automatically done by the RPC runtime when the
227 public class MoonshotServer : Object {
228 private static IdentityManagerApp parent_app;
230 private static MoonshotServer instance = null;
232 public static void start (IdentityManagerApp app)
235 Rpc.server_start (MoonshotRpcInterface.spec, "/org/janet/Moonshot", Rpc.Flags.PER_USER);
238 public static MoonshotServer get_instance ()
240 if (instance == null)
241 instance = new MoonshotServer ();
245 [CCode (cname = "moonshot_get_identity_rpc")]
246 public static void get_identity (Rpc.AsyncCall call,
251 ref string password_out,
252 ref string server_certificate_hash,
253 ref string ca_certificate,
254 ref string subject_name_constraint,
255 ref string subject_alt_name_constraint)
259 var request = new IdentityRequest (parent_app,
264 // Pass execution to the main loop and block the RPC thread
265 request.mutex = new Mutex ();
266 request.cond = new Cond ();
267 request.set_callback (return_identity_cb);
269 request.mutex.lock ();
270 Idle.add (request.execute);
272 while (request.complete == false)
273 request.cond.wait (request.mutex);
277 server_certificate_hash = "";
279 subject_name_constraint = "";
280 subject_alt_name_constraint = "";
282 var id_card = request.id_card;
284 if (id_card != null) {
285 // The strings are freed by the RPC runtime
286 nai_out = id_card.nai;
287 password_out = id_card.password;
288 server_certificate_hash = "certificate";
290 return_if_fail (nai_out != null);
291 return_if_fail (password_out != null);
292 return_if_fail (server_certificate_hash != null);
293 return_if_fail (ca_certificate != null);
294 return_if_fail (subject_name_constraint != null);
295 return_if_fail (subject_alt_name_constraint != null);
300 // The outputs must be set before this function is called. For this
301 // reason they are 'ref' not 'out' parameters - Vala assigns to the
302 // 'out' parameters only at the end of the function, which is too
304 call.return (&result);
306 request.cond.signal ();
307 request.mutex.unlock ();
310 [CCode (cname = "moonshot_get_default_identity_rpc")]
311 public static void get_default_identity (Rpc.AsyncCall call,
313 ref string password_out,
314 ref string server_certificate_hash,
315 ref string ca_certificate,
316 ref string subject_name_constraint,
317 ref string subject_alt_name_constraint)
321 var request = new IdentityRequest.default (parent_app);
322 request.mutex = new Mutex ();
323 request.cond = new Cond ();
324 request.set_callback (return_identity_cb);
326 request.mutex.lock ();
327 Idle.add (request.execute);
329 while (request.complete == false)
330 request.cond.wait (request.mutex);
334 server_certificate_hash = "";
336 subject_name_constraint = "";
337 subject_alt_name_constraint = "";
339 if (request.id_card != null)
341 nai_out = request.id_card.nai;
342 password_out = request.id_card.password;
343 server_certificate_hash = "certificate";
345 return_if_fail (nai_out != null);
346 return_if_fail (password_out != null);
347 return_if_fail (server_certificate_hash != null);
348 return_if_fail (ca_certificate != null);
349 return_if_fail (subject_name_constraint != null);
350 return_if_fail (subject_alt_name_constraint != null);
359 call.return (&result);
361 request.cond.signal ();
362 request.mutex.unlock ();
365 // Called from the main loop thread when an identity has
367 static void return_identity_cb (IdentityRequest request) {
368 // Notify the RPC thread that the request is complete
369 request.mutex.lock ();
370 request.cond.signal ();
372 // Block the main loop until the RPC call has returned
373 // to avoid any races
374 request.cond.wait (request.mutex);
375 request.mutex.unlock ();
378 [CCode (cname = "moonshot_install_id_card_rpc")]
379 public static bool install_id_card (string display_name,
383 string[] rules_patterns,
384 string[] rules_always_confirm,
390 bool force_flat_file_store)
392 IdCard idcard = new IdCard ();
393 bool success = false;
394 Mutex mutex = new Mutex();
395 Cond cond = new Cond();
397 idcard.display_name = display_name;
398 idcard.username = user_name;
399 idcard.password = password;
400 idcard.issuer = realm;
401 idcard.services = services;
402 idcard.trust_anchor.ca_cert = ca_cert;
403 idcard.trust_anchor.subject = subject;
404 idcard.trust_anchor.subject_alt = subject_alt;
405 idcard.trust_anchor.server_cert = server_cert;
407 if (rules_patterns.length == rules_always_confirm.length)
409 idcard.rules = new Rule[rules_patterns.length];
411 for (int i=0; i<idcard.rules.length; i++)
413 idcard.rules[i].pattern = rules_patterns[i];
414 idcard.rules[i].always_confirm = rules_always_confirm[i];
420 // Defer addition to the main loop thread.
423 success = parent_app.add_identity (idcard, force_flat_file_store);