3 [DBus (name = "org.janet.Moonshot")]
4 public class MoonshotServer : Object {
6 private IdentityManagerApp parent_app;
8 public MoonshotServer (IdentityManagerApp app)
10 this.parent_app = app;
15 if (parent_app.view == null) {
19 parent_app.explicitly_launched = true;
23 public async bool get_identity (string nai,
27 out string password_out,
28 out string server_certificate_hash,
29 out string ca_certificate,
30 out string subject_name_constraint,
31 out string subject_alt_name_constraint)
33 var request = new IdentityRequest (parent_app,
37 request.set_callback ((IdentityRequest) => get_identity.callback());
43 server_certificate_hash = "";
45 subject_name_constraint = "";
46 subject_alt_name_constraint = "";
48 var id_card = request.id_card;
50 if ((id_card != null) && (id_card.display_name != IdCard.NO_IDENTITY)) {
51 nai_out = id_card.nai;
52 if ((request.password!=null) && (request.password != ""))
53 password_out = request.password;
55 password_out = id_card.password;
57 server_certificate_hash = id_card.trust_anchor.server_cert;
58 ca_certificate = id_card.trust_anchor.ca_cert;
59 subject_name_constraint = id_card.trust_anchor.subject;
60 subject_alt_name_constraint = id_card.trust_anchor.subject_alt;
64 if (password_out == null)
66 if (server_certificate_hash == null)
67 server_certificate_hash = "";
68 if (ca_certificate == null)
70 if (subject_name_constraint == null)
71 subject_name_constraint = "";
72 if (subject_alt_name_constraint == null)
73 subject_alt_name_constraint = "";
81 public async bool get_default_identity (out string nai_out,
82 out string password_out,
83 out string server_certificate_hash,
84 out string ca_certificate,
85 out string subject_name_constraint,
86 out string subject_alt_name_constraint)
88 var request = new IdentityRequest.default (parent_app);
89 request.set_callback ((IdentityRequest) => get_default_identity.callback());
95 server_certificate_hash = "";
97 subject_name_constraint = "";
98 subject_alt_name_constraint = "";
100 if (request.id_card != null)
102 nai_out = request.id_card.nai;
103 password_out = request.id_card.password;
105 server_certificate_hash = request.id_card.trust_anchor.server_cert;
106 ca_certificate = request.id_card.trust_anchor.ca_cert;
107 subject_name_constraint = request.id_card.trust_anchor.subject;
108 subject_alt_name_constraint = request.id_card.trust_anchor.subject_alt;
112 if (password_out == null)
114 if (server_certificate_hash == null)
115 server_certificate_hash = "";
116 if (ca_certificate == null)
118 if (subject_name_constraint == null)
119 subject_name_constraint = "";
120 if (subject_alt_name_constraint == null)
121 subject_alt_name_constraint = "";
129 public bool install_id_card (string display_name,
133 string[] ?rules_patterns,
134 string[] ?rules_always_confirm,
140 int force_flat_file_store)
142 IdCard idcard = new IdCard ();
144 idcard.display_name = display_name;
145 idcard.username = user_name;
146 idcard.password = password;
147 if ((password != null) && (password != ""))
148 idcard.store_password = true;
149 idcard.issuer = realm;
150 idcard.services = services;
151 idcard.trust_anchor.ca_cert = ca_cert;
152 idcard.trust_anchor.subject = subject;
153 idcard.trust_anchor.subject_alt = subject_alt;
154 idcard.trust_anchor.server_cert = server_cert;
156 if (rules_patterns.length == rules_always_confirm.length)
158 /* workaround Centos vala array property bug: use temp array */
159 Rule[] rules = new Rule[rules_patterns.length];
161 for (int i=0; i<rules.length; i++)
163 rules[i].pattern = rules_patterns[i];
164 rules[i].always_confirm = rules_always_confirm[i];
166 idcard.rules = rules;
169 return parent_app.add_identity (idcard, force_flat_file_store!=0);
173 public int install_from_file (string file_name)
175 var webp = new WebProvisioning.Parser (file_name);
179 int installed_cards = 0;
180 foreach (IdCard card in WebProvisioning.cards)
182 string[] rules_patterns = {};
183 string[] rules_always_confirm = {};
185 if (card.rules.length > 0)
188 rules_patterns = new string[card.rules.length];
189 rules_always_confirm = new string[card.rules.length];
190 foreach (Rule r in card.rules)
192 rules_patterns[i] = r.pattern;
193 rules_always_confirm[i] = r.always_confirm;
198 result = install_id_card (card.display_name,
203 rules_always_confirm,
205 card.trust_anchor.ca_cert,
206 card.trust_anchor.subject,
207 card.trust_anchor.subject_alt,
208 card.trust_anchor.server_cert,
214 return installed_cards;
222 using MoonshotRpcInterface;
224 /* This class must be a singleton, because we use a global RPC
225 * binding handle. I cannot picture a situation where more than
226 * one instance of the same interface would be needed so this
227 * shouldn't be a problem.
229 * Shutdown is automatically done by the RPC runtime when the
232 public class MoonshotServer : Object {
233 private static IdentityManagerApp parent_app;
235 private static MoonshotServer instance = null;
237 public static void start (IdentityManagerApp app)
240 Rpc.server_start (MoonshotRpcInterface.spec, "/org/janet/Moonshot", Rpc.Flags.PER_USER);
243 public static MoonshotServer get_instance ()
245 if (instance == null)
246 instance = new MoonshotServer ();
250 [CCode (cname = "moonshot_get_identity_rpc")]
251 public static void get_identity (Rpc.AsyncCall call,
256 ref string password_out,
257 ref string server_certificate_hash,
258 ref string ca_certificate,
259 ref string subject_name_constraint,
260 ref string subject_alt_name_constraint)
264 var request = new IdentityRequest (parent_app,
269 // Pass execution to the main loop and block the RPC thread
270 request.mutex = new Mutex ();
271 request.cond = new Cond ();
272 request.set_callback (return_identity_cb);
274 request.mutex.lock ();
275 Idle.add (request.execute);
277 while (request.complete == false)
278 request.cond.wait (request.mutex);
282 server_certificate_hash = "";
284 subject_name_constraint = "";
285 subject_alt_name_constraint = "";
287 var id_card = request.id_card;
289 if (id_card != null) {
290 // The strings are freed by the RPC runtime
291 nai_out = id_card.nai;
292 password_out = id_card.password;
293 server_certificate_hash = "certificate";
295 return_if_fail (nai_out != null);
296 return_if_fail (password_out != null);
297 return_if_fail (server_certificate_hash != null);
298 return_if_fail (ca_certificate != null);
299 return_if_fail (subject_name_constraint != null);
300 return_if_fail (subject_alt_name_constraint != null);
305 // The outputs must be set before this function is called. For this
306 // reason they are 'ref' not 'out' parameters - Vala assigns to the
307 // 'out' parameters only at the end of the function, which is too
309 call.return (&result);
311 request.cond.signal ();
312 request.mutex.unlock ();
315 [CCode (cname = "moonshot_get_default_identity_rpc")]
316 public static void get_default_identity (Rpc.AsyncCall call,
318 ref string password_out,
319 ref string server_certificate_hash,
320 ref string ca_certificate,
321 ref string subject_name_constraint,
322 ref string subject_alt_name_constraint)
326 var request = new IdentityRequest.default (parent_app);
327 request.mutex = new Mutex ();
328 request.cond = new Cond ();
329 request.set_callback (return_identity_cb);
331 request.mutex.lock ();
332 Idle.add (request.execute);
334 while (request.complete == false)
335 request.cond.wait (request.mutex);
339 server_certificate_hash = "";
341 subject_name_constraint = "";
342 subject_alt_name_constraint = "";
344 if (request.id_card != null)
346 nai_out = request.id_card.nai;
347 password_out = request.id_card.password;
348 server_certificate_hash = "certificate";
350 return_if_fail (nai_out != null);
351 return_if_fail (password_out != null);
352 return_if_fail (server_certificate_hash != null);
353 return_if_fail (ca_certificate != null);
354 return_if_fail (subject_name_constraint != null);
355 return_if_fail (subject_alt_name_constraint != null);
364 call.return (&result);
366 request.cond.signal ();
367 request.mutex.unlock ();
370 // Called from the main loop thread when an identity has
372 static void return_identity_cb (IdentityRequest request) {
373 // Notify the RPC thread that the request is complete
374 request.mutex.lock ();
375 request.cond.signal ();
377 // Block the main loop until the RPC call has returned
378 // to avoid any races
379 request.cond.wait (request.mutex);
380 request.mutex.unlock ();
383 [CCode (cname = "moonshot_install_id_card_rpc")]
384 public static bool install_id_card (string display_name,
388 string[] rules_patterns,
389 string[] rules_always_confirm,
395 bool force_flat_file_store)
397 IdCard idcard = new IdCard ();
398 bool success = false;
399 Mutex mutex = new Mutex();
400 Cond cond = new Cond();
402 idcard.display_name = display_name;
403 idcard.username = user_name;
404 idcard.password = password;
405 idcard.issuer = realm;
406 idcard.services = services;
407 idcard.trust_anchor.ca_cert = ca_cert;
408 idcard.trust_anchor.subject = subject;
409 idcard.trust_anchor.subject_alt = subject_alt;
410 idcard.trust_anchor.server_cert = server_cert;
412 if (rules_patterns.length == rules_always_confirm.length)
414 idcard.rules = new Rule[rules_patterns.length];
416 for (int i=0; i<idcard.rules.length; i++)
418 idcard.rules[i].pattern = rules_patterns[i];
419 idcard.rules[i].always_confirm = rules_always_confirm[i];
425 // Defer addition to the main loop thread.
428 success = parent_app.add_identity (idcard, force_flat_file_store);