[gnome-keyring/wip/dueno/ssh-agent: 99/105] WIP ssh
- From: Daiki Ueno <dueno src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-keyring/wip/dueno/ssh-agent: 99/105] WIP ssh
- Date: Mon, 11 Dec 2017 16:33:46 +0000 (UTC)
commit 88748e516a6c670f8031d97bced1c0e6af53dd74
Author: Stef Walter <stefw redhat com>
Date: Sat Oct 25 13:45:11 2014 +0200
WIP ssh
configure.ac | 2 +-
daemon/ssh-agent/gkd-ssh-agent-ops.c | 54 +++++++-----
daemon/ssh-agent/gkd-ssh-agent-preload.c | 129 +-----------------------------
3 files changed, 35 insertions(+), 150 deletions(-)
---
diff --git a/configure.ac b/configure.ac
index db09505..dcb25c5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -12,7 +12,7 @@ GLIB_MIN=GLIB_VERSION_2_38
GLIB_MAX=GLIB_VERSION_2_38
GCK_REQ=3.3.4
-GCR_REQ=3.5.3
+GCR_REQ=3.13.91
GCRYPT_REQ=1.2.2
GCRYPT_LIBVER=1
diff --git a/daemon/ssh-agent/gkd-ssh-agent-ops.c b/daemon/ssh-agent/gkd-ssh-agent-ops.c
index 73bf2ca..beb2c12 100644
--- a/daemon/ssh-agent/gkd-ssh-agent-ops.c
+++ b/daemon/ssh-agent/gkd-ssh-agent-ops.c
@@ -159,33 +159,41 @@ static void
preload_key_if_necessary (gint ssh_agent,
GBytes *key)
{
- EggBuffer buf;
- const guchar *blob;
- gchar *comment;
- gsize length;
- GBytes *priv;
- guchar code;
-
- priv = gkd_ssh_agent_preload_private (key);
- if (!priv)
+ GcrPrompt *prompt;
+ GcrSshAskpass *askpass;
+ GError *error = NULL;
+ gchar *filename;
+ gint status;
+
+ gchar *argv[] = {
+ SSH_ADD,
+ NULL,
+ NULL
+ };
+
+ argv[1] = filename = gkd_ssh_agent_preload_path (key);
+ if (!filename)
return;
- egg_buffer_init_full (&buf, 128, egg_secure_realloc);
- egg_buffer_add_uint32 (&buf, 0); /* length */
- egg_buffer_add_byte (&buf, GKD_SSH_OP_ADD_IDENTITY);
- blob = g_bytes_get_data (priv, &length);
- egg_buffer_add_byte_array (&buf, blob, length);
-
- if (gkd_ssh_agent_write_packet (ssh_agent, &buf) &&
- gkd_ssh_agent_read_packet (ssh_agent, &buf)) {
- if (!egg_buffer_get_byte (&buf, 4, NULL, &code) || code != GKD_SSH_RES_SUCCESS) {
- comment = gkd_ssh_agent_preload_comment (key);
- g_warning ("couldn't add private key '%s' to ssh-agent", comment);
- g_free (comment);
- }
+ prompt = gcr_system_prompt_new ();
+ askpass = gcr_ssh_askpass_new (G_TLS_INTERACTION (prompt));
+ g_object_unref (interaction);
+
+ if (!g_spawn_sync (NULL, argv, NULL, G_SPAWN_DEFAULT,
+ gcr_ssh_askpass_setup, askpass,
+ NULL, NULL, &status, &error)) {
+ g_warning ("cannot run %s: %s", argv[0], error->message);
+
+ } else if (!g_spawn_check_exit_status (status, &error)) {
+ g_message ("the %s command failed: %s", error->message);
+
+ } else {
+ gkd_ssh_agent_preload_clear (key);
}
- gkd_ssh_agent_preload_clear (key);
+ g_clear_error (&error);
+ g_object_unref (askpass);
+ g_free (filename);
}
static gboolean
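Review bot: The `g_message ("the %s command failed: %s", error->message)` call in the `g_spawn_check_exit_status` branch supplies one argument for two `%s` conversions, so the second conversion reads a missing vararg, which is undefined behaviour; it should be `g_message ("the %s command failed: %s", argv[0], error->message);`. The new body also calls `g_object_unref (interaction);` although none of the added locals is named `interaction`, and `prompt` is never released. `g_object_unref (prompt);` looks like what was intended, assuming `gcr_ssh_askpass_new` takes its own reference. Separately, the `ssh_agent` descriptor is no longer used and `g_spawn_sync` gets a NULL envp, so the spawned SSH_ADD presumably finds its agent through the inherited environment; it is worth confirming that this is the agent the caller passed in, and adding a comment that says so.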
diff --git a/daemon/ssh-agent/gkd-ssh-agent-preload.c b/daemon/ssh-agent/gkd-ssh-agent-preload.c
index 1eb63fa..8da2f52 100644
--- a/daemon/ssh-agent/gkd-ssh-agent-preload.c
+++ b/daemon/ssh-agent/gkd-ssh-agent-preload.c
@@ -177,7 +177,7 @@ gkd_ssh_agent_preload_keys (void)
preload_lock_and_update ();
g_hash_table_iter_init (&iter, preloads_by_key);
- while (g_hash_table_iter_next (&iter, NULL, (gpointer *)preload)) {
+ while (g_hash_table_iter_next (&iter, NULL, (gpointer *)&preload)) {
if (preload->private_file)
keys = g_list_prepend (keys, g_bytes_ref (preload->public_key));
}
@@ -204,129 +204,6 @@ gkd_ssh_agent_preload_comment (GBytes *key)
return comment;
}
-gboolean
-gkd_ssh_agent_proto_write_pair_rsa (EggBuffer *req,
- gsize *offset,
- GckAttributes *priv_attrs,
- GckAttributes *pub_attrs)
-{
- const GckAttribute *attr;
-
- g_assert (req);
- g_assert (offset);
- g_assert (priv_attrs);
- g_assert (pub_attrs);
-
- if (!gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_MODULUS) ||
- !gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_PUBLIC_EXPONENT) ||
- !gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_PRIVATE_EXPONENT) ||
- !gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_COEFFICIENT) ||
- !gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_PRIME_1) ||
- !gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_PRIME_2))
- return FALSE;
-
- /* Copy attributes to the public key */
- attr = gck_builder_find (priv_attrs, CKA_MODULUS);
- gck_builder_add_attribute (pub_attrs, attr);
- attr = gck_builder_find (priv_attrs, CKA_PUBLIC_EXPONENT);
- gck_builder_add_attribute (pub_attrs, attr);
-
- /* Add in your basic other required attributes */
- gck_builder_add_ulong (priv_attrs, CKA_CLASS, CKO_PRIVATE_KEY);
- gck_builder_add_ulong (priv_attrs, CKA_KEY_TYPE, CKK_RSA);
- gck_builder_add_ulong (pub_attrs, CKA_CLASS, CKO_PUBLIC_KEY);
- gck_builder_add_ulong (pub_attrs, CKA_KEY_TYPE, CKK_RSA);
-
- return TRUE;
-}
-
-gboolean
-gkd_ssh_agent_proto_read_pair_dsa (EggBuffer *req,
- gsize *offset,
- GckBuilder *priv_attrs,
- GckBuilder *pub_attrs)
-{
- const GckAttribute *attr;
-
- g_assert (req);
- g_assert (offset);
- g_assert (priv_attrs);
- g_assert (pub_attrs);
-
- if (!gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_PRIME) ||
- !gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_SUBPRIME) ||
- !gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_BASE) ||
- !gkd_ssh_agent_proto_read_mpi (req, offset, pub_attrs, CKA_VALUE) ||
- !gkd_ssh_agent_proto_read_mpi (req, offset, priv_attrs, CKA_VALUE))
- return FALSE;
-
- /* Copy attributes to the public key */
- attr = gck_builder_find (priv_attrs, CKA_PRIME);
- gck_builder_add_attribute (pub_attrs, attr);
- attr = gck_builder_find (priv_attrs, CKA_SUBPRIME);
- gck_builder_add_attribute (pub_attrs, attr);
- attr = gck_builder_find (priv_attrs, CKA_BASE);
- gck_builder_add_attribute (pub_attrs, attr);
-
- /* Add in your basic other required attributes */
- gck_builder_add_ulong (priv_attrs, CKA_CLASS, CKO_PRIVATE_KEY);
- gck_builder_add_ulong (priv_attrs, CKA_KEY_TYPE, CKK_DSA);
- gck_builder_add_ulong (pub_attrs, CKA_CLASS, CKO_PUBLIC_KEY);
- gck_builder_add_ulong (pub_attrs, CKA_KEY_TYPE, CKK_DSA);
-
- return TRUE;
-}
-
-static GBytes *
-encode_key_pair ()
-{
-
-}
-
-GBytes *
-gkd_ssh_agent_preload_private (GBytes *key)
-{
- GcrParsed *parsed = NULL;
- gchar *comment = NULL;
- GBytes *contents = NULL;
- GcrParser *parser;
- Preload *preload;
-
- preload_lock_and_update ();
-
- preload = g_hash_table_lookup (preloads_by_key, key);
- if (preload) {
- if (preload->private_file)
- contents = g_bytes_ref (preload->private_file);
- comments = g_strdup (preload->comment);
- }
-
- preload_unlock ();
-
- if (!contents)
- return NULL;
-
- parser = gcr_parser_new ();
- gcr_parser_format_disable (parser, GCR_FORMAT_ALL);
- gcr_parser_format_enable (parser, GCR_FORMAT_PEM);
- g_signal_connect (parser, "authenticate", G_CALLBACK (on_parser_authenticate), comment);
- g_signal_connect (parser, "parsed", G_CALLBACK (on_parser_parsed), &parsed);
-
- if (!gcr_parser_parse_bytes (parser, contents, &error))
- g_message ("couldn't parse private key: %s: %s", comment, error->message);
-
- g_free (comment);
- g_bytes_unref (contents);
-
- if (parsed) {
- gcr_parsed_get_attributes ();
- }
-
-
- g_object_unref (parser);
- /* TODO */
-}
-
void
gkd_ssh_agent_preload_clear (GBytes *key)
{
@@ -351,7 +228,7 @@ gkd_ssh_agent_preload_clear_all (void)
preload_lock_and_update ();
- g_hash_table_iter_init (&iter, preloads_key_key);
+ g_hash_table_iter_init (&iter, preloads_by_key);
while (g_hash_table_iter_next (&iter, NULL, (gpointer *)&preload)) {
if (preload->private_file) {
g_bytes_unref (preload->private_file);
@@ -368,7 +245,7 @@ gkd_ssh_agent_preload_cleanup (void)
g_mutex_lock (&preload_mutex);
if (preloads_by_key)
- g_hash_table_destroy (prelodas_by_key);
+ g_hash_table_destroy (preloads_by_key);
preloads_by_key = NULL;
if (preloads_by_filename)