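/* GSecret - GLib wrapper for Secret Service
 *
 * Copyright 2011 Collabora Ltd.
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published
 * by the Free Software Foundation; either version 2 of the licence or (at
 * your option) any later version.
 *
 * See the included COPYING file for more information.
 */

#include "config.h"

#include "gsecret-collection.h"
#include "gsecret-dbus-generated.h"
#include "gsecret-item.h"
#include "gsecret-private.h"
#include "gsecret-service.h"
#include "gsecret-types.h"
#include "gsecret-value.h"

#ifdef WITH_GCRYPT
#include "egg/egg-dh.h"
#include "egg/egg-hkdf.h"
#include "egg/egg-libgcrypt.h"
#endif

#include "egg/egg-hex.h"
#include "egg/egg-secure-memory.h"

/* NOTE(review): the targets of the next three #include directives were lost
 * when this listing was extracted; restore them from the upstream file. */
#include
#include
#include

EGG_SECURE_GLIB_DEFINITIONS ();

EGG_SECURE_DECLARE (secret_service);

static const gchar *default_bus_name = GSECRET_SERVICE_BUS_NAME;

#define ALGORITHMS_AES    "dh-ietf1024-sha256-aes128-cbc-pkcs7"
#define ALGORITHMS_PLAIN  "plain"

/* State of one negotiated transfer session with the daemon. */
typedef struct {
	gchar *path;                /* session object path, owned */
	const gchar *algorithms;    /* one of the ALGORITHMS_* literals */
#ifdef WITH_GCRYPT
	gcry_mpi_t prime;
	gcry_mpi_t privat;
	gcry_mpi_t publi;
#endif
	gpointer key;               /* allocated with egg_secure_alloc(), NULL for plain */
	gsize n_key;
} GSecretSession;

enum {
	PROP_0,
	PROP_COLLECTIONS
};

typedef struct _GSecretServicePrivate {
	/* No change between construct and finalize */
	GCancellable *cancellable;

	/* Locked by mutex */
	GMutex mutex;
	gpointer session;
	GHashTable *collections;
} GSecretServicePrivate;

G_LOCK_DEFINE (service_instance);
static gpointer service_instance = NULL;

G_DEFINE_TYPE (GSecretService, gsecret_service, G_TYPE_DBUS_PROXY);

/* Release a session and everything it owns; accepts NULL. */
static void
gsecret_session_free (gpointer data)
{
	GSecretSession *session = data;

	if (session == NULL)
		return;

	g_free (session->path);
#ifdef WITH_GCRYPT
	gcry_mpi_release (session->publi);
	gcry_mpi_release (session->privat);
	gcry_mpi_release (session->prime);
#endif
	egg_secure_free (session->key);
	g_free (session);
}

/* New table mapping owned path strings to owned collection references. */
static GHashTable *
collections_table_new (void)
{
	return g_hash_table_new_full (g_str_hash, g_str_equal,
	                              g_free, g_object_unref);
}

static void
gsecret_service_init (GSecretService *self)
{
	self->pv = G_TYPE_INSTANCE_GET_PRIVATE (self, GSECRET_TYPE_SERVICE,
	                                        GSecretServicePrivate);

	g_mutex_init (&self->pv->mutex);
	self->pv->cancellable = g_cancellable_new ();
	self->pv->collections = collections_table_new ();
}

static void
gsecret_service_get_property (GObject *obj, guint prop_id, GValue *value,
                              GParamSpec *pspec)
{
	GSecretService *self = GSECRET_SERVICE (obj);

	switch (prop_id) {
	case PROP_COLLECTIONS:
		g_value_take_boxed (value, gsecret_service_get_collections (self));
		break;
	default:
		G_OBJECT_WARN_INVALID_PROPERTY_ID (obj, prop_id, pspec);
		break;
	}
}

static void
gsecret_service_dispose (GObject *obj)
{
	GSecretService *self = GSECRET_SERVICE (obj);

	/* Stops the internally started collection loads */
	g_cancellable_cancel (self->pv->cancellable);

	G_OBJECT_CLASS (gsecret_service_parent_class)->dispose (obj);
}

static void
gsecret_service_finalize (GObject *obj)
{
	GSecretService *self = GSECRET_SERVICE (obj);

	/* Frees the session key through egg_secure_free() */
	gsecret_session_free (self->pv->session);
	g_hash_table_destroy (self->pv->collections);
	g_clear_object (&self->pv->cancellable);

	/* Pairs with g_mutex_init() in gsecret_service_init() */
	g_mutex_clear (&self->pv->mutex);

	G_OBJECT_CLASS (gsecret_service_parent_class)->finalize (obj);
}

static gboolean
gsecret_service_real_prompt_sync (GSecretService *self, GSecretPrompt *prompt,
                                  GCancellable *cancellable, GError **error)
{
	return gsecret_prompt_perform_sync (prompt, 0, cancellable, error);
}

static void
on_real_prompt_completed (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	GError *error = NULL;
	gboolean ret;

	ret = gsecret_prompt_perform_finish (GSECRET_PROMPT (source), result, &error);
	g_simple_async_result_set_op_res_gboolean (res, ret);
	if (error != NULL)
		g_simple_async_result_take_error (res, error);
	g_simple_async_result_complete (res);

	g_object_unref (res);
}

static void
gsecret_service_real_prompt_async (GSecretService *self, GSecretPrompt *prompt,
                                   GCancellable *cancellable,
                                   GAsyncReadyCallback callback, gpointer user_data)
{
	GSimpleAsyncResult *res;

	res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
	                                 gsecret_service_real_prompt_async);

	gsecret_prompt_perform (prompt, 0, cancellable,
	                        on_real_prompt_completed, g_object_ref (res));

	g_object_unref (res);
}

static gboolean
gsecret_service_real_prompt_finish (GSecretService *self, GAsyncResult *result,
                                    GError **error)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (result);

	if (g_simple_async_result_propagate_error (res, error))
		return FALSE;

	return g_simple_async_result_get_op_res_gboolean (res);
}

/* Bookkeeping for one (re)load of the service's collections. */
typedef struct {
	GCancellable *cancellable;
	GSecretService *service;    /* set by load_collections_perform(), owned */
	GHashTable *collections;    /* table being built, swapped in on completion */
	gint collections_loading;   /* outstanding gsecret_collection_new() calls */
} LoadClosure;

static void
load_closure_free (gpointer data)
{
	LoadClosure *closure = data;

	g_clear_object (&closure->cancellable);
	g_clear_object (&closure->service);
	g_hash_table_unref (closure->collections);
	g_slice_free (LoadClosure, closure);
}

static GSimpleAsyncResult *
load_result_new (GCancellable *cancellable, GAsyncReadyCallback callback,
                 gpointer user_data)
{
	GSimpleAsyncResult *res;
	LoadClosure *closure;

	res = g_simple_async_result_new (NULL, callback, user_data, load_result_new);

	/* Zeroed: collections_loading is incremented and compared before
	 * anything else assigns it, so it must start at 0. */
	closure = g_slice_new0 (LoadClosure);
	closure->cancellable = cancellable ? g_object_ref (cancellable) : NULL;
	closure->collections = collections_table_new ();
	g_simple_async_result_set_op_res_gpointer (res, closure, load_closure_free);

	return res;
}

/* Swap the freshly built table into the service and complete the result. */
static void
load_collections_complete (GSecretService *self, GSimpleAsyncResult *res)
{
	LoadClosure *closure = g_simple_async_result_get_op_res_gpointer (res);
	GHashTable *collections;

	g_assert (closure->collections_loading == 0);

	/* The service gets its own reference, the closure keeps the other */
	g_hash_table_ref (closure->collections);

	g_mutex_lock (&self->pv->mutex);
	collections = self->pv->collections;
	self->pv->collections = closure->collections;
	g_mutex_unlock (&self->pv->mutex);

	g_hash_table_unref (collections);

	g_simple_async_result_complete (res);
}

static void
on_collection_loading (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	LoadClosure *closure = g_simple_async_result_get_op_res_gpointer (res);
	GSecretService *self = closure->service;
	GSecretCollection *collection;
	const gchar *collection_path;
	GError *error = NULL;

	/* The result is created with a NULL source object in load_result_new(),
	 * so the service is carried in the closure rather than read back with
	 * g_async_result_get_source_object(). */

	closure->collections_loading--;

	collection = gsecret_collection_new_finish (result, &error);

	if (error != NULL)
		g_simple_async_result_take_error (res, error);

	if (collection != NULL) {
		/* Key by the collection's own path, not the service's path */
		collection_path = g_dbus_proxy_get_object_path (G_DBUS_PROXY (collection));
		g_hash_table_insert (closure->collections,
		                     g_strdup (collection_path), collection);
	}

	if (closure->collections_loading == 0)
		load_collections_complete (self, res);

	g_object_unref (res);
}

/* Load every path in @collection_paths, reusing instances already known to
 * the service. Consumes one reference to @collection_paths. */
static void
load_collections_perform (GSecretService *self, GSimpleAsyncResult *res,
                          GVariant *collection_paths)
{
	LoadClosure *closure = g_simple_async_result_get_op_res_gpointer (res);
	GSecretCollection *collection;
	gchar *collection_path;
	GVariantIter iter;

	/* on_collection_loading() needs the service to finish the load */
	if (closure->service == NULL)
		closure->service = g_object_ref (self);

	g_variant_iter_init (&iter, collection_paths);
	while (g_variant_iter_loop (&iter, "o", &collection_path)) {

		/* Lookup the collection */
		g_mutex_lock (&self->pv->mutex);
		collection = g_hash_table_lookup (self->pv->collections, collection_path);
		if (collection != NULL)
			g_object_ref (collection);
		g_mutex_unlock (&self->pv->mutex);

		if (collection == NULL) {
			gsecret_collection_new (self, collection_path, closure->cancellable,
			                        on_collection_loading, g_object_ref (res));
			closure->collections_loading++;
		} else {
			g_hash_table_insert (closure->collections,
			                     g_strdup (collection_path), collection);
		}
	}

	if (closure->collections_loading == 0)
		load_collections_complete (self, res);

	g_variant_unref (collection_paths);
}

static void
handle_property_changed (GSecretService *self, const gchar *property_name,
                         GVariant *value)
{
	GSimpleAsyncResult *res;

	if (g_str_equal (property_name, "Collections")) {
		res = load_result_new (self->pv->cancellable, NULL, NULL);

		if (value == NULL)
			value = g_dbus_proxy_get_cached_property (G_DBUS_PROXY (self), "Collections");
		else
			g_variant_ref (value);

		if (value == NULL) {
			g_warning ("couldn't retrieve Service Collections property");
			g_simple_async_result_complete (res);
		} else {
			/* load_collections_perform() consumes the reference taken
			 * above; unreffing again here would drop a reference that
			 * belongs to the caller's iterator. */
			load_collections_perform (self, res, value);
		}

		g_object_unref (res);
	}
}

static void
gsecret_service_properties_changed (GDBusProxy *proxy, GVariant *changed_properties,
                                    const gchar* const *invalidated_properties)
{
	GSecretService *self = GSECRET_SERVICE (proxy);
	gchar *property_name;
	GVariantIter iter;
	GVariant *value;

	g_object_freeze_notify (G_OBJECT (self));

	g_variant_iter_init (&iter, changed_properties);
	while (g_variant_iter_loop (&iter, "{sv}", &property_name, &value))
		handle_property_changed (self, property_name, value);

	g_object_thaw_notify (G_OBJECT (self));
}

static void
gsecret_service_class_init (GSecretServiceClass *klass)
{
	GObjectClass *object_class = G_OBJECT_CLASS (klass);
	GDBusProxyClass *proxy_class = G_DBUS_PROXY_CLASS (klass);

	object_class->get_property = gsecret_service_get_property;
	object_class->dispose = gsecret_service_dispose;
	object_class->finalize = gsecret_service_finalize;

	proxy_class->g_properties_changed = gsecret_service_properties_changed;

	klass->prompt_sync = gsecret_service_real_prompt_sync;
	klass->prompt_async = gsecret_service_real_prompt_async;
	klass->prompt_finish = gsecret_service_real_prompt_finish;

	g_type_class_add_private (klass, sizeof (GSecretServicePrivate));
}

/* Override the bus name used when callers pass none. The pointer is stored
 * without copying, so @bus_name must outlive every later connection. */
void
_gsecret_service_set_default_bus_name (const gchar *bus_name)
{
	g_return_if_fail (bus_name != NULL);
	default_bus_name = bus_name;
}

static void
on_service_instance_gone (gpointer user_data, GObject *where_the_object_was)
{
	G_LOCK (service_instance);

	g_assert (service_instance == where_the_object_was);
	service_instance = NULL;

	G_UNLOCK (service_instance);
}

/* Return a new reference to the process-wide service proxy, creating it on
 * first use. Returns NULL (after a warning) if the proxy can't be created. */
GSecretService *
_gsecret_service_bare_instance (GDBusConnection *connection, const gchar *bus_name)
{
	GSecretService *service = NULL;
	GError *error = NULL;

	g_return_val_if_fail (G_IS_DBUS_CONNECTION (connection), NULL);

	G_LOCK (service_instance);
	if (service_instance != NULL)
		service = g_object_ref (service_instance);
	G_UNLOCK (service_instance);

	if (service != NULL)
		return service;

	/* Alternate bus name is only used for testing */
	if (bus_name == NULL)
		bus_name = default_bus_name;

	service = g_initable_new (GSECRET_TYPE_SERVICE, NULL, &error,
	                          "g-flags", G_DBUS_PROXY_FLAGS_DO_NOT_LOAD_PROPERTIES,
	                          "g-interface-info", _gsecret_gen_service_interface_info (),
	                          "g-name", bus_name,
	                          "g-connection", connection,
	                          "g-object-path", GSECRET_SERVICE_PATH,
	                          "g-interface-name", GSECRET_SERVICE_INTERFACE,
	                          NULL);

	if (error != NULL) {
		g_warning ("couldn't create GSecretService object: %s", error->message);
		g_clear_error (&error);
		return NULL;
	}

	g_assert (GSECRET_IS_SERVICE (service));

	/* Another thread may have created the instance in the meantime */
	G_LOCK (service_instance);
	if (service_instance == NULL) {
		service_instance = service;
		g_object_weak_ref (G_OBJECT (service), on_service_instance_gone, NULL);
	} else {
		g_object_unref (service);
		service = g_object_ref (service_instance);
	}
	G_UNLOCK (service_instance);

	return service;
}

typedef struct {
	GCancellable *cancellable;
	GSecretService *service;
	gboolean ensure_session;
	gchar *bus_name;
} ConnectClosure;

static void
connect_closure_free (gpointer data)
{
	ConnectClosure *closure = data;

	g_clear_object (&closure->cancellable);
	g_clear_object (&closure->service);
	/* Duplicated with g_strdup() in _gsecret_service_bare_connect() */
	g_free (closure->bus_name);
	g_slice_free (ConnectClosure, closure);
}

static void
on_connect_ensure (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	GError *error = NULL;

	gsecret_service_ensure_session_finish (GSECRET_SERVICE (source), result, &error);
	if (error != NULL)
		g_simple_async_result_take_error (res, error);

	g_simple_async_result_complete (res);
	g_object_unref (res);
}

static void
on_connect_bus (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	ConnectClosure *closure = g_simple_async_result_get_op_res_gpointer (res);
	GDBusConnection *connection;
	GError *error = NULL;

	connection = g_bus_get_finish (result, &error);
	if (error == NULL) {
		closure->service = _gsecret_service_bare_instance (connection, closure->bus_name);

		if (closure->service == NULL) {
			/* Proxy creation failed and was already logged; report it
			 * instead of handing a NULL service to later stages. */
			g_simple_async_result_set_error (res, GSECRET_ERROR, GSECRET_ERROR_PROTOCOL,
			                                 _("Couldn't communicate with the secret storage"));
			g_simple_async_result_complete (res);

		} else if (closure->ensure_session) {
			gsecret_service_ensure_session (closure->service, closure->cancellable,
			                                on_connect_ensure, g_object_ref (res));

		} else {
			g_simple_async_result_complete (res);
		}

		g_object_unref (connection);

	} else {
		g_simple_async_result_take_error (res, error);
		g_simple_async_result_complete (res);
	}

	g_object_unref (res);
}

void
_gsecret_service_bare_connect (const gchar *bus_name, gboolean ensure_session,
                               GCancellable *cancellable,
                               GAsyncReadyCallback callback, gpointer user_data)
{
	GSimpleAsyncResult *res;
	ConnectClosure *closure;

	g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));

	if (bus_name == NULL)
		bus_name = default_bus_name;

	res = g_simple_async_result_new (NULL, callback, user_data,
	                                 _gsecret_service_bare_connect);
	closure = g_slice_new0 (ConnectClosure);
	closure->bus_name = g_strdup (bus_name);
	closure->cancellable = cancellable ? g_object_ref (cancellable) : NULL;
	closure->ensure_session = ensure_session;
	g_simple_async_result_set_op_res_gpointer (res, closure, connect_closure_free);

	g_bus_get (G_BUS_TYPE_SESSION, cancellable, on_connect_bus, g_object_ref (res));

	g_object_unref (res);
}

/* Returns a new reference to the connected service, or NULL with @error set. */
GSecretService *
_gsecret_service_bare_connect_finish (GAsyncResult *result, GError **error)
{
	ConnectClosure *closure;
	GSimpleAsyncResult *res;

	g_return_val_if_fail (error == NULL || *error == NULL, NULL);
	g_return_val_if_fail (g_simple_async_result_is_valid (result, NULL,
	                      _gsecret_service_bare_connect), NULL);

	res = G_SIMPLE_ASYNC_RESULT (result);
	if (g_simple_async_result_propagate_error (res, error))
		return NULL;

	closure = g_simple_async_result_get_op_res_gpointer (res);
	return closure->service ? g_object_ref (closure->service) : NULL;
}

typedef struct {
	GCancellable *cancellable;
	GSecretService *service;
} ServiceClosure;

static void
service_closure_free (gpointer data)
{
	ServiceClosure *closure = data;

	g_clear_object (&closure->cancellable);
	g_clear_object (&closure->service);
	g_slice_free (ServiceClosure, closure);
}

static void
on_service_properties (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	GError *error = NULL;

	_gsecret_util_get_properties_finish (G_DBUS_PROXY (source), gsecret_service_get,
	                                     result, &error);
	if (error != NULL)
		g_simple_async_result_take_error (res, error);

	g_simple_async_result_complete (res);
	g_object_unref (res);
}

static void
on_service_connected (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	ServiceClosure *closure = g_simple_async_result_get_op_res_gpointer (res);
	GError *error = NULL;

	closure->service = _gsecret_service_bare_connect_finish (result, &error);

	if (error != NULL) {
		/* No service to query: finish now rather than loading
		 * properties through a NULL proxy. */
		g_simple_async_result_take_error (res, error);
		g_simple_async_result_complete (res);

	} else {
		_gsecret_util_get_properties (G_DBUS_PROXY (closure->service),
		                              gsecret_service_get, closure->cancellable,
		                              on_service_properties, g_object_ref (res));
	}

	g_object_unref (res);
}

void
gsecret_service_get (GCancellable *cancellable, GAsyncReadyCallback callback,
                     gpointer user_data)
{
	GSimpleAsyncResult *res;
	ServiceClosure *closure;

	g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));

	res = g_simple_async_result_new (NULL, callback, user_data, gsecret_service_get);
	closure = g_slice_new0 (ServiceClosure);
	closure->cancellable = cancellable ? g_object_ref (cancellable) : NULL;
	g_simple_async_result_set_op_res_gpointer (res, closure, service_closure_free);

	_gsecret_service_bare_connect (NULL, FALSE, cancellable,
	                               on_service_connected, g_object_ref (res));

	g_object_unref (res);
}

/* Returns a new reference to the service, or NULL with @error set. */
GSecretService *
gsecret_service_get_finish (GAsyncResult *result, GError **error)
{
	GSimpleAsyncResult *res;
	ServiceClosure *closure;
	GSecretService *service;

	g_return_val_if_fail (G_IS_ASYNC_RESULT (result), NULL);
	g_return_val_if_fail (error == NULL || *error == NULL, NULL);
	g_return_val_if_fail (g_simple_async_result_is_valid (result, NULL,
	                      gsecret_service_get), NULL);

	res = G_SIMPLE_ASYNC_RESULT (result);
	if (g_simple_async_result_propagate_error (res, error))
		return NULL;

	/* The op-res pointer is the ServiceClosure, not the service itself */
	closure = g_simple_async_result_get_op_res_gpointer (res);
	service = closure->service;
	if (service != NULL)
		g_object_ref (service);

	return service;
}

GSecretService *
gsecret_service_get_sync (GCancellable *cancellable, GError **error)
{
	GSecretService *service;
	GSecretSync *sync;

	g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
	g_return_val_if_fail (error == NULL || *error == NULL, NULL);

	sync = _gsecret_sync_new ();
	g_main_context_push_thread_default (sync->context);

	gsecret_service_get (cancellable, _gsecret_sync_on_result, sync);

	g_main_loop_run (sync->loop);

	service = gsecret_service_get_finish (sync->result, error);

	g_main_context_pop_thread_default (sync->context);
	_gsecret_sync_free (sync);

	return service;
}

/* Returns a list of new collection references; the caller owns both the
 * list and the references. */
GList *
gsecret_service_get_collections (GSecretService *self)
{
	GList *l, *collections;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL);

	g_mutex_lock (&self->pv->mutex);
	collections = g_hash_table_get_values (self->pv->collections);
	for (l = collections; l != NULL; l = g_list_next (l))
		g_object_ref (l->data);
	g_mutex_unlock (&self->pv->mutex);

	return collections;
}

GSecretItem *
_gsecret_service_find_item_instance (GSecretService *self, const gchar *item_path)
{
	GSecretCollection *collection;
	gchar *collection_path;
	GSecretItem *item;

	collection_path = _gsecret_util_parent_path (item_path);

	g_mutex_lock (&self->pv->mutex);
	collection = g_hash_table_lookup (self->pv->collections, collection_path);
	if (collection != NULL)
		g_object_ref (collection);
	g_mutex_unlock (&self->pv->mutex);

	g_free (collection_path);

	if (collection == NULL)
		return NULL;

	item = _gsecret_collection_find_item_instance (collection, item_path);
	g_object_unref (collection);

	return item;
}

const gchar *
gsecret_service_get_session_algorithms (GSecretService *self)
{
	GSecretSession *session;
	const gchar *algorithms;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL);

	g_mutex_lock (&self->pv->mutex);
	session = self->pv->session;
	algorithms = session ? session->algorithms : NULL;
	g_mutex_unlock (&self->pv->mutex);

	/* Session never changes once established, so can return const */
	return algorithms;
}

const gchar *
gsecret_service_get_session_path (GSecretService *self)
{
	GSecretSession *session;
	const gchar *path;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL);

	g_mutex_lock (&self->pv->mutex);
	session = self->pv->session;
	path = session ? session->path : NULL;
	g_mutex_unlock (&self->pv->mutex);

	/* Session never changes once established, so can return const */
	return path;
}

#ifdef WITH_GCRYPT

/* Generate our DH key pair and build the OpenSession() arguments. */
static GVariant *
request_open_session_aes (GSecretSession *session)
{
	gcry_error_t gcry;
	gcry_mpi_t base;
	unsigned char *buffer;
	size_t n_buffer;
	GVariant *argument;

	g_assert (session->prime == NULL);
	g_assert (session->privat == NULL);
	g_assert (session->publi == NULL);

	/* Initialize our local parameters and values. The group has to be the
	 * 1024 bit one that ALGORITHMS_AES ("dh-ietf1024-...") announces to the
	 * daemon; with another group both sides derive different keys. */
	if (!egg_dh_default_params ("ietf-ike-grp-modp-1024",
	                            &session->prime, &base))
		g_return_val_if_reached (NULL);

#if 0
	g_printerr ("\n lib prime: ");
	gcry_mpi_dump (session->prime);
	g_printerr ("\n lib base: ");
	gcry_mpi_dump (base);
	g_printerr ("\n");
#endif

	if (!egg_dh_gen_pair (session->prime, base, 0,
	                      &session->publi, &session->privat)) {
		gcry_mpi_release (base);
		g_return_val_if_reached (NULL);
	}
	gcry_mpi_release (base);

	gcry = gcry_mpi_aprint (GCRYMPI_FMT_USG, &buffer, &n_buffer, session->publi);
	g_return_val_if_fail (gcry == 0, NULL);
	argument = g_variant_new_from_data (G_VARIANT_TYPE ("ay"), buffer, n_buffer,
	                                    TRUE, gcry_free, buffer);

	return g_variant_new ("(sv)", ALGORITHMS_AES, argument);
}

/* Parse the daemon's OpenSession() reply and derive the AES session key.
 * Returns FALSE, with session->path reset to NULL, when the reply is unusable. */
static gboolean
response_open_session_aes (GSecretSession *session, GVariant *response)
{
	gconstpointer buffer;
	GVariant *argument;
	const gchar *sig;
	gsize n_buffer;
	gcry_mpi_t peer = NULL;
	gcry_mpi_t limit;
	gcry_error_t gcry;
	gboolean in_range;
	gpointer ikm;
	gsize n_ikm;

	sig = g_variant_get_type_string (response);
	g_return_val_if_fail (sig != NULL, FALSE);

	if (!g_str_equal (sig, "(vo)")) {
		g_warning ("invalid OpenSession() response from daemon with signature: %s", sig);
		return FALSE;
	}

	g_assert (session->path == NULL);
	g_variant_get (response, "(vo)", &argument, &session->path);

	/* The boxed value comes from the peer; check it is a byte array
	 * before reading it as one. */
	if (!g_variant_is_of_type (argument, G_VARIANT_TYPE ("ay"))) {
		g_warning ("invalid OpenSession() output from daemon with signature: %s",
		           g_variant_get_type_string (argument));
		g_variant_unref (argument);
		goto failed;
	}

	buffer = g_variant_get_fixed_array (argument, &n_buffer, sizeof (guchar));
	gcry = gcry_mpi_scan (&peer, GCRYMPI_FMT_USG, buffer, n_buffer, NULL);
	g_variant_unref (argument);
	if (gcry != 0) {
		g_warning ("couldn't parse public key in OpenSession() response: %s",
		           gcry_strerror (gcry));
		goto failed;
	}

	/* Reject degenerate public values (<= 1 or >= prime - 1): they force a
	 * shared secret anyone can predict. Whether egg_dh_gen_secret() checks
	 * this itself is not visible from this file. */
	limit = gcry_mpi_new (0);
	gcry_mpi_sub_ui (limit, session->prime, 1);
	in_range = gcry_mpi_cmp_ui (peer, 1) > 0 && gcry_mpi_cmp (peer, limit) < 0;
	gcry_mpi_release (limit);
	if (!in_range) {
		gcry_mpi_release (peer);
		g_warning ("couldn't negotiate a valid AES session key");
		goto failed;
	}

#if 0
	g_printerr (" lib publi: ");
	gcry_mpi_dump (session->publi);
	g_printerr ("\n lib peer: ");
	gcry_mpi_dump (peer);
	g_printerr ("\n");
#endif

	ikm = egg_dh_gen_secret (peer, session->privat, session->prime, &n_ikm);
	gcry_mpi_release (peer);

	/* Debug only: prints the raw shared secret to stderr; keep disabled */
#if 0
	g_printerr (" lib ikm: %s\n", egg_hex_encode (ikm, n_ikm));
#endif

	if (ikm == NULL) {
		g_warning ("couldn't negotiate a valid AES session key");
		goto failed;
	}

	session->n_key = 16;
	session->key = egg_secure_alloc (session->n_key);
	if (!egg_hkdf_perform ("sha256", ikm, n_ikm, NULL, 0, NULL, 0,
	                       session->key, session->n_key)) {
		/* Don't leave the shared secret allocated on the error path */
		egg_secure_free (ikm);
		g_return_val_if_reached (FALSE);
	}
	egg_secure_free (ikm);

	session->algorithms = ALGORITHMS_AES;
	return TRUE;

failed:
	g_free (session->path);
	session->path = NULL;
	return FALSE;
}

#endif /* WITH_GCRYPT */

/* Build the OpenSession() arguments for an unencrypted session. */
static GVariant *
request_open_session_plain (GSecretSession *session)
{
	GVariant *argument = g_variant_new_string ("");
	return g_variant_new ("(sv)", "plain", argument);
}

static gboolean
response_open_session_plain (GSecretSession *session, GVariant *response)
{
	GVariant *argument;
	const gchar *sig;

	sig = g_variant_get_type_string (response);
	g_return_val_if_fail (sig != NULL, FALSE);

	if (!g_str_equal (sig, "(vo)")) {
		g_warning ("invalid OpenSession() response from daemon with signature: %s",
		           g_variant_get_type_string (response));
		return FALSE;
	}

	g_assert (session->path == NULL);
	g_variant_get (response, "(vo)", &argument, &session->path);
	g_variant_unref (argument);

	/* No key: secrets for this session are not encrypted by this code */
	g_assert (session->key == NULL);
	g_assert (session->n_key == 0);

	session->algorithms = ALGORITHMS_PLAIN;
	return TRUE;
}

typedef struct {
	GCancellable *cancellable;
	GSecretSession *session;
} OpenSessionClosure;

static void
open_session_closure_free (gpointer data)
{
	OpenSessionClosure *closure = data;
	g_assert (closure);
	g_clear_object (&closure->cancellable);
	gsecret_session_free (closure->session);
	g_free (closure);
}

static void
on_service_open_session_plain (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	OpenSessionClosure *closure = g_simple_async_result_get_op_res_gpointer (res);
	GSecretService *self = GSECRET_SERVICE (source);
	GError *error = NULL;
	GVariant *response;

	response = g_dbus_proxy_call_finish (G_DBUS_PROXY (self), result, &error);

	/* A successful response, decode it */
	if (response != NULL) {
		if (response_open_session_plain (closure->session, response)) {

			/* First session to be established wins */
			g_mutex_lock (&self->pv->mutex);
			if (self->pv->session == NULL) {
				self->pv->session = closure->session;
				closure->session = NULL; /* Service takes ownership */
			}
			g_mutex_unlock (&self->pv->mutex);

		} else {
			g_simple_async_result_set_error (res, GSECRET_ERROR, GSECRET_ERROR_PROTOCOL,
			                                 _("Couldn't communicate with the secret storage"));
		}

		g_simple_async_result_complete (res);
		g_variant_unref (response);

	} else {
		g_simple_async_result_take_error (res, error);
		g_simple_async_result_complete (res);
	}

	g_object_unref (res);
}

#ifdef WITH_GCRYPT

static void
on_service_open_session_aes (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	OpenSessionClosure *closure = g_simple_async_result_get_op_res_gpointer (res);
	GSecretService *self = GSECRET_SERVICE (source);
	GError *error = NULL;
	GVariant *response;

	response = g_dbus_proxy_call_finish (G_DBUS_PROXY (self), result, &error);

	/* A successful response, decode it */
	if (response != NULL) {
		if (response_open_session_aes (closure->session, response)) {

			/* First session to be established wins */
			g_mutex_lock (&self->pv->mutex);
			if (self->pv->session == NULL) {
				self->pv->session = closure->session;
				closure->session = NULL; /* Service takes ownership */
			}
			g_mutex_unlock (&self->pv->mutex);

		} else {
			g_simple_async_result_set_error (res, GSECRET_ERROR, GSECRET_ERROR_PROTOCOL,
			                                 _("Couldn't communicate with the secret storage"));
		}

		g_simple_async_result_complete (res);
		g_variant_unref (response);

	} else {
		/* AES session not supported, request a plain session.
		 *
		 * NOTE(review): this downgrade is silent and decided by the peer:
		 * whoever answers on the bus name with NOT_SUPPORTED gets every
		 * later secret in cleartext on the bus. Callers can detect it via
		 * gsecret_service_get_session_algorithms(); consider making the
		 * fallback opt-in. */
		if (g_error_matches (error, G_DBUS_ERROR, G_DBUS_ERROR_NOT_SUPPORTED)) {
			g_dbus_proxy_call (G_DBUS_PROXY (source), "OpenSession",
			                   request_open_session_plain (closure->session),
			                   G_DBUS_CALL_FLAGS_NONE, -1,
			                   closure->cancellable, on_service_open_session_plain,
			                   g_object_ref (res));
			g_error_free (error);

		/* Other errors result in a failure */
		} else {
			g_simple_async_result_take_error (res, error);
			g_simple_async_result_complete (res);
		}
	}

	g_object_unref (res);
}

#endif /* WITH_GCRYPT */

/* Make sure a transfer session exists, negotiating one if necessary. */
void
gsecret_service_ensure_session (GSecretService *self, GCancellable *cancellable,
                                GAsyncReadyCallback callback, gpointer user_data)
{
	GSimpleAsyncResult *res;
	OpenSessionClosure *closure;
	GSecretSession *session;

	g_return_if_fail (GSECRET_IS_SERVICE (self));
	g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));

	res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
	                                 gsecret_service_ensure_session);

	g_mutex_lock (&self->pv->mutex);
	session = self->pv->session;
	g_mutex_unlock (&self->pv->mutex);

	/* If we have no session, then request an AES session */
	if (session == NULL) {

		closure = g_new (OpenSessionClosure, 1);
		closure->cancellable = cancellable ? g_object_ref (cancellable) : cancellable;
		closure->session = g_new0 (GSecretSession, 1);
		g_simple_async_result_set_op_res_gpointer (res, closure, open_session_closure_free);

		g_dbus_proxy_call (G_DBUS_PROXY (self), "OpenSession",
#ifdef WITH_GCRYPT
		                   request_open_session_aes (closure->session),
		                   G_DBUS_CALL_FLAGS_NONE, -1,
		                   cancellable, on_service_open_session_aes,
#else
		                   request_open_session_plain (closure->session),
		                   G_DBUS_CALL_FLAGS_NONE, -1,
		                   cancellable, on_service_open_session_plain,
#endif
		                   g_object_ref (res));

	/* Already have a session; note that no closure is attached to res */
	} else {
		g_simple_async_result_complete_in_idle (res);
	}

	g_object_unref (res);
}

/* Finish gsecret_service_ensure_session(). When @cancellable is non-NULL it
 * receives a new reference to the operation's cancellable, or NULL. */
const gchar *
_gsecret_service_ensure_session_finish (GSecretService *self, GAsyncResult *result,
                                        GCancellable **cancellable, GError **error)
{
	OpenSessionClosure *closure;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL);
	g_return_val_if_fail (error == NULL || *error == NULL, NULL);
	g_return_val_if_fail (cancellable == NULL || *cancellable == NULL, NULL);
	g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
	                      gsecret_service_ensure_session), NULL);

	if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result), error))
		return NULL;

	if (cancellable) {
		/* The closure is absent when a session already existed */
		closure = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
		if (closure != NULL && closure->cancellable != NULL)
			*cancellable = g_object_ref (closure->cancellable);
		else
			*cancellable = NULL;
	}

	/* The session we have should never change once created */
	return gsecret_service_get_session_path (self);
}

const gchar *
gsecret_service_ensure_session_finish (GSecretService *self, GAsyncResult *result,
                                       GError **error)
{
	return _gsecret_service_ensure_session_finish (self, result, NULL, error);
}

const gchar *
gsecret_service_ensure_session_sync (GSecretService *self, GCancellable *cancellable,
                                     GError **error)
{
	GSecretSync *sync;
	const gchar *path;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL);
	g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
	g_return_val_if_fail (error == NULL || *error == NULL, NULL);

	sync = _gsecret_sync_new ();
	g_main_context_push_thread_default (sync->context);

	gsecret_service_ensure_session (self, cancellable, _gsecret_sync_on_result, sync);

	g_main_loop_run (sync->loop);

	path = gsecret_service_ensure_session_finish (self, sync->result, error);

	g_main_context_pop_thread_default (sync->context);
	_gsecret_sync_free (sync);

	return path;
}

#ifdef WITH_GCRYPT

/* Validate and strip PKCS#7 padding. On success *n_padded becomes the data
 * length and a NUL byte is written right after the data.
 *
 * NOTE(review): the checks return at the first mismatch, and the CBC data
 * carries no integrity tag; a caller that lets an untrusted party submit
 * ciphertexts and observe the outcome should not rely on this alone. */
static gboolean
pkcs7_unpad_bytes_in_place (guchar *padded, gsize *n_padded)
{
	gsize n_pad, i;

	if (*n_padded == 0)
		return FALSE;

	n_pad = padded[*n_padded - 1];

	/* Validate the padding */
	if (n_pad == 0 || n_pad > 16)
		return FALSE;
	if (n_pad > *n_padded)
		return FALSE;
	for (i = *n_padded - n_pad; i < *n_padded; ++i) {
		if (padded[i] != n_pad)
			return FALSE;
	}

	/* The last bit of data */
	*n_padded -= n_pad;

	/* Null terminate as a courtesy; n_pad >= 1 keeps this in bounds */
	padded[*n_padded] = 0;

	return TRUE;
}

/* Decrypt an AES-128-CBC secret into secure memory. @param is the 16 byte
 * IV. Returns NULL on malformed input or cipher failure. */
static GSecretValue *
service_decode_aes_secret (GSecretSession *session, gconstpointer param, gsize n_param,
                           gconstpointer value, gsize n_value, const gchar *content_type)
{
	gcry_cipher_hd_t cih;
	gsize n_padded;
	gcry_error_t gcry;
	guchar *padded = NULL;
	gsize pos;

	if (n_param != 16) {
		g_message ("received an encrypted secret structure with invalid parameter");
		return NULL;
	}

	if (n_value == 0 || n_value % 16 != 0) {
		g_message ("received an encrypted secret structure with bad secret length");
		return NULL;
	}

	gcry = gcry_cipher_open (&cih, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CBC, 0);
	if (gcry != 0) {
		g_warning ("couldn't create AES cipher: %s", gcry_strerror (gcry));
		return NULL;
	}

#if 0
	g_printerr (" lib iv: %s\n", egg_hex_encode (param, n_param));
#endif

	gcry = gcry_cipher_setiv (cih, param, n_param);
	if (gcry != 0)
		goto failed;

	/* Debug only: prints the session key to stderr; keep disabled */
#if 0
	g_printerr (" lib key: %s\n", egg_hex_encode (session->key, session->n_key));
#endif

	gcry = gcry_cipher_setkey (cih, session->key, session->n_key);
	if (gcry != 0)
		goto failed;

	/* Copy the memory buffer */
	n_padded = n_value;
	padded = egg_secure_alloc (n_padded);
	memcpy (padded, value, n_padded);

	/* Perform the decryption */
	for (pos = 0; pos < n_padded; pos += 16) {
		gcry = gcry_cipher_decrypt (cih, (guchar*)padded + pos, 16, NULL, 0);
		if (gcry != 0)
			goto failed;
	}

	gcry_cipher_close (cih);

	/* Unpad the resulting value */
	if (!pkcs7_unpad_bytes_in_place (padded, &n_padded)) {
		egg_secure_clear (padded, n_padded);
		egg_secure_free (padded);
		g_message ("received an invalid or unencryptable secret");
		return NULL;
	}

	return gsecret_value_new_full ((gchar *)padded, n_padded, content_type, egg_secure_free);

failed:
	/* Release the cipher handle and any partly decrypted data */
	g_warning ("couldn't decrypt secret: %s", gcry_strerror (gcry));
	gcry_cipher_close (cih);
	if (padded != NULL) {
		egg_secure_clear (padded, n_value);
		egg_secure_free (padded);
	}
	return NULL;
}

#endif /* WITH_GCRYPT */

static GSecretValue *
service_decode_plain_secret (GSecretSession *session, gconstpointer param, gsize n_param,
                             gconstpointer value, gsize n_value, const gchar *content_type)
{
	if (n_param != 0) {
		g_message ("received a plain secret structure with invalid parameter");
		return NULL;
	}

	return gsecret_value_new (value, n_value, content_type);
}

/* Decode an (oayays) secret structure received from the daemon. Returns
 * NULL if it is malformed or belongs to a different session. */
GSecretValue *
_gsecret_service_decode_secret (GSecretService *self, GVariant *encoded)
{
	GSecretSession *session;
	GSecretValue *result;
	gconstpointer param;
	gconstpointer value;
	gchar *session_path;
	gchar *content_type;
	gsize n_param;
	gsize n_value;
	GVariant *vparam;
	GVariant *vvalue;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL);
	g_return_val_if_fail (encoded, NULL);

	g_mutex_lock (&self->pv->mutex);
	session = self->pv->session;
	g_assert (session == NULL || session->path != NULL);
	g_mutex_unlock (&self->pv->mutex);

	g_return_val_if_fail (session != NULL, NULL);

	/* The structure originates from the peer: check its shape before the
	 * typed accessors below are used on it. */
	if (!g_variant_is_of_type (encoded, G_VARIANT_TYPE ("(oayays)"))) {
		g_message ("received a secret structure with invalid signature: %s",
		           g_variant_get_type_string (encoded));
		return NULL;
	}

	/* Parsing (oayays) */
	g_variant_get_child (encoded, 0, "o", &session_path);

	if (session_path == NULL || !g_str_equal (session_path, session->path)) {
		g_message ("received a secret encoded with wrong session: %s != %s",
		           session_path, session->path);
		g_free (session_path);
		return NULL;
	}

	vparam = g_variant_get_child_value (encoded, 1);
	param = g_variant_get_fixed_array (vparam, &n_param, sizeof (guchar));
	vvalue = g_variant_get_child_value (encoded, 2);
	value = g_variant_get_fixed_array (vvalue, &n_value, sizeof (guchar));
	g_variant_get_child (encoded, 3, "s", &content_type);

	/* A session key is only set for AES sessions */
#ifdef WITH_GCRYPT
	if (session->key != NULL)
		result = service_decode_aes_secret (session, param, n_param,
		                                    value, n_value, content_type);
	else
#endif
		result = service_decode_plain_secret (session, param, n_param,
		                                      value, n_value, content_type);

	g_variant_unref (vparam);
	g_variant_unref (vvalue);
	g_free (content_type);
	g_free (session_path);

	return result;
}

#ifdef WITH_GCRYPT

/* Copy @secret into secure memory with PKCS#7 padding up to the next
 * 16 byte boundary; a full block is added when @length is already aligned. */
static guchar*
pkcs7_pad_bytes_in_secure_memory (gconstpointer secret, gsize length, gsize *n_padded)
{
	gsize n_pad;
	guchar *padded;

	/* Pad the secret */
	*n_padded = ((length + 16) / 16) * 16;

	/* Also trips if length + 16 wrapped around */
	g_assert (length < *n_padded);
	g_assert (*n_padded > 0);
	n_pad = *n_padded - length;
	g_assert (n_pad > 0 && n_pad <= 16);
	padded = egg_secure_alloc (*n_padded);
	memcpy (padded, secret, length);
	memset (padded + length, n_pad, n_pad);
	return padded;
}

/* Encrypt @value with the session key and append (o, iv, ciphertext, s) to
 * @builder. Nothing is appended when FALSE is returned. */
static gboolean
service_encode_aes_secret (GSecretSession *session, GSecretValue *value,
                           GVariantBuilder *builder)
{
	gcry_cipher_hd_t cih;
	guchar *padded;
	gsize n_padded, pos;
	gcry_error_t gcry;
	gpointer iv;
	gconstpointer secret;
	gsize n_secret;
	GVariant *child;

	/* Create the cipher */
	gcry = gcry_cipher_open (&cih, GCRY_CIPHER_AES, GCRY_CIPHER_MODE_CBC, 0);
	if (gcry != 0) {
		g_warning ("couldn't create AES cipher: %s", gcry_strerror (gcry));
		return FALSE;
	}

	secret = gsecret_value_get (value, &n_secret);

	/* Perform the encoding here */
	padded = pkcs7_pad_bytes_in_secure_memory (secret, n_secret, &n_padded);
	g_assert (padded != NULL);

	/* Setup the IV: fresh for every secret */
	iv = g_malloc0 (16);
	gcry_create_nonce (iv, 16);
	gcry = gcry_cipher_setiv (cih, iv, 16);

	/* Setup the key */
	if (gcry == 0)
		gcry = gcry_cipher_setkey (cih, session->key, session->n_key);

	/* Perform the encryption */
	for (pos = 0; gcry == 0 && pos < n_padded; pos += 16)
		gcry = gcry_cipher_encrypt (cih, (guchar*)padded + pos, 16, NULL, 0);

	gcry_cipher_close (cih);

	if (gcry != 0) {
		/* The buffer may still hold plaintext: wipe it before freeing */
		g_warning ("couldn't encrypt secret: %s", gcry_strerror (gcry));
		egg_secure_clear (padded, n_padded);
		egg_secure_free (padded);
		g_free (iv);
		return FALSE;
	}

	/* Only touch the builder once the ciphertext exists */
	g_variant_builder_add (builder, "o", session->path);

	child = g_variant_new_from_data (G_VARIANT_TYPE ("ay"), iv, 16, TRUE, g_free, iv);
	g_variant_builder_add_value (builder, child);
	g_variant_unref (child);

	child = g_variant_new_from_data (G_VARIANT_TYPE ("ay"), padded, n_padded, TRUE,
	                                 egg_secure_free, padded);
	g_variant_builder_add_value (builder, child);
	g_variant_unref (child);

	g_variant_builder_add (builder, "s", gsecret_value_get_content_type (value));
	return TRUE;
}

#endif /* WITH_GCRYPT */

/* Append @value to @builder as (o, empty parameter, raw secret bytes, s).
 * The secret is not encrypted on this path. */
static gboolean
service_encode_plain_secret (GSecretSession *session, GSecretValue *value,
                             GVariantBuilder *builder)
{
	gconstpointer secret;
	gsize n_secret;
	GVariant *child;

	g_variant_builder_add (builder, "o", session->path);

	secret = gsecret_value_get (value, &n_secret);

	child = g_variant_new_from_data (G_VARIANT_TYPE ("ay"), "", 0, TRUE, NULL, NULL);
	g_variant_builder_add_value (builder, child);
	g_variant_unref (child);

	/* The variant borrows the value's memory and holds a reference on it */
	child = g_variant_new_from_data (G_VARIANT_TYPE ("ay"), secret, n_secret, TRUE,
	                                 gsecret_value_unref, gsecret_value_ref (value));
	g_variant_builder_add_value (builder, child);
	g_variant_unref (child);

	g_variant_builder_add (builder, "s", gsecret_value_get_content_type (value));
	return TRUE;
}

GVariant *
_gsecret_service_encode_secret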
(GSecretService *self, GSecretValue *value) { GVariantBuilder *builder; GSecretSession *session; GVariant *result = NULL; GVariantType *type; gboolean ret; g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL); g_return_val_if_fail (value, NULL); g_mutex_lock (&self->pv->mutex); session = self->pv->session; g_assert (session == NULL || session->path != NULL); g_mutex_unlock (&self->pv->mutex); g_return_val_if_fail (session != NULL, NULL); type = g_variant_type_new ("(oayays)"); builder = g_variant_builder_new (type); #ifdef WITH_GCRYPT if (session->key) ret = service_encode_aes_secret (session, value, builder); else #endif ret = service_encode_plain_secret (session, value, builder); if (ret) result = g_variant_builder_end (builder); g_variant_builder_unref (builder); g_variant_type_free (type); return result; } static void on_search_items_complete (GObject *source, GAsyncResult *result, gpointer user_data) { GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); GError *error = NULL; GVariant *response; response = g_dbus_proxy_call_finish (G_DBUS_PROXY (source), result, &error); if (error != NULL) g_simple_async_result_take_error (res, error); else g_simple_async_result_set_op_res_gpointer (res, response, (GDestroyNotify)g_variant_unref); g_simple_async_result_complete (res); g_object_unref (res); } void gsecret_service_search_for_paths (GSecretService *self, GHashTable *attributes, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { GSimpleAsyncResult *res; g_return_if_fail (GSECRET_IS_SERVICE (self)); g_return_if_fail (attributes != NULL); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); res = g_simple_async_result_new (G_OBJECT (self), callback, user_data, gsecret_service_search_for_paths); g_dbus_proxy_call (G_DBUS_PROXY (self), "SearchItems", g_variant_new ("(@a{ss})", _gsecret_util_variant_for_attributes (attributes)), G_DBUS_CALL_FLAGS_NONE, -1, cancellable, on_search_items_complete, g_object_ref 
(res)); g_object_unref (res); } gboolean gsecret_service_search_for_paths_finish (GSecretService *self, GAsyncResult *result, gchar ***unlocked, gchar ***locked, GError **error) { GVariant *response; GSimpleAsyncResult *res; gchar **dummy = NULL; g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self), gsecret_service_search_for_paths), FALSE); g_return_val_if_fail (error == NULL || *error == NULL, FALSE); res = G_SIMPLE_ASYNC_RESULT (result); if (g_simple_async_result_propagate_error (res, error)) return FALSE; if (unlocked || locked) { if (!unlocked) unlocked = &dummy; else if (!locked) locked = &dummy; response = g_simple_async_result_get_op_res_gpointer (res); g_variant_get (response, "(^ao^ao)", unlocked, locked); } g_strfreev (dummy); return TRUE; } gboolean gsecret_service_search_for_paths_sync (GSecretService *self, GHashTable *attributes, GCancellable *cancellable, gchar ***unlocked, gchar ***locked, GError **error) { gchar **dummy = NULL; GVariant *response; g_return_val_if_fail (GSECRET_IS_SERVICE (self), FALSE); g_return_val_if_fail (attributes != NULL, FALSE); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE); g_return_val_if_fail (error == NULL || *error == NULL, FALSE); response = g_dbus_proxy_call_sync (G_DBUS_PROXY (self), "SearchItems", g_variant_new ("(@a{ss})", _gsecret_util_variant_for_attributes (attributes)), G_DBUS_CALL_FLAGS_NONE, -1, cancellable, error); if (response != NULL) { if (unlocked || locked) { if (!unlocked) unlocked = &dummy; else if (!locked) locked = &dummy; g_variant_get (response, "(^ao^ao)", unlocked, locked); } g_variant_unref (response); } g_strfreev (dummy); return response != NULL; } typedef struct { GCancellable *cancellable; GHashTable *items; gchar **unlocked; gchar **locked; guint loading; } SearchClosure; static void search_closure_free (gpointer data) { SearchClosure *closure = data; g_clear_object (&closure->cancellable); g_hash_table_unref (closure->items); 
g_strfreev (closure->unlocked); g_strfreev (closure->locked); g_slice_free (SearchClosure, closure); } static void search_closure_add_item (SearchClosure *closure, GSecretItem *item) { const gchar *path = g_dbus_proxy_get_object_path (G_DBUS_PROXY (item)); g_hash_table_insert (closure->items, (gpointer)path, item); } static void on_search_loaded (GObject *source, GAsyncResult *result, gpointer user_data) { GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); SearchClosure *closure = g_simple_async_result_get_op_res_gpointer (res); GError *error = NULL; GSecretItem *item; closure->loading--; item = gsecret_item_new_finish (result, &error); if (error != NULL) g_simple_async_result_take_error (res, error); if (item != NULL) search_closure_add_item (closure, item); if (closure->loading == 0) g_simple_async_result_complete (res); g_object_unref (res); } static void search_load_item (GSecretService *self, GSimpleAsyncResult *res, SearchClosure *closure, const gchar *path) { GSecretItem *item; item = _gsecret_service_find_item_instance (self, path); if (item == NULL) { gsecret_item_new (self, path, closure->cancellable, on_search_loaded, g_object_ref (res)); closure->loading++; } else { search_closure_add_item (closure, item); } } static void on_search_paths (GObject *source, GAsyncResult *result, gpointer user_data) { GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); SearchClosure *closure = g_simple_async_result_get_op_res_gpointer (res); GSecretService *self = GSECRET_SERVICE (source); GError *error = NULL; guint i; if (!gsecret_service_search_for_paths_finish (self, result, &closure->unlocked, &closure->locked, &error)) { g_simple_async_result_take_error (res, error); g_simple_async_result_complete (res); } for (i = 0; closure->unlocked[i] != NULL; i++) search_load_item (self, res, closure, closure->unlocked[i]); for (i = 0; closure->locked[i] != NULL; i++) search_load_item (self, res, closure, closure->locked[i]); if (closure->loading == 0) 
g_simple_async_result_complete (res); g_object_unref (res); } void gsecret_service_search (GSecretService *self, GHashTable *attributes, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { GSimpleAsyncResult *res; SearchClosure *closure; g_return_if_fail (GSECRET_IS_SERVICE (self)); g_return_if_fail (attributes != NULL); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); res = g_simple_async_result_new (G_OBJECT (self), callback, user_data, gsecret_service_search); closure = g_slice_new0 (SearchClosure); closure->cancellable = cancellable ? g_object_ref (cancellable) : NULL; closure->items = g_hash_table_new_full (g_str_hash, g_str_equal, NULL, g_object_unref); g_simple_async_result_set_op_res_gpointer (res, closure, search_closure_free); gsecret_service_search_for_paths (self, attributes, cancellable, on_search_paths, g_object_ref (res)); g_object_unref (res); } static GList * search_finish_build (gchar **paths, SearchClosure *closure) { GList *results = NULL; GSecretItem *item; guint i; for (i = 0; paths[i]; i++) { item = g_hash_table_lookup (closure->items, paths[i]); if (item != NULL) results = g_list_prepend (results, g_object_ref (item)); } return g_list_reverse (results); } gboolean gsecret_service_search_finish (GSecretService *self, GAsyncResult *result, GList **unlocked, GList **locked, GError **error) { GSimpleAsyncResult *res; SearchClosure *closure; g_return_val_if_fail (GSECRET_IS_SERVICE (self), FALSE); g_return_val_if_fail (error == NULL || *error == NULL, FALSE); g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self), gsecret_service_search), FALSE); res = G_SIMPLE_ASYNC_RESULT (result); if (g_simple_async_result_propagate_error (res, error)) return FALSE; closure = g_simple_async_result_get_op_res_gpointer (res); if (unlocked) *unlocked = search_finish_build (closure->unlocked, closure); if (locked) *locked = search_finish_build (closure->locked, closure); return TRUE; } 
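/*
 * gsecret_service_search_sync:
 *
 * Blocking variant of gsecret_service_search(): runs the operation on a
 * private main loop until it reports back. The out arguments behave as in
 * gsecret_service_search_finish().
 *
 * Returns: FALSE with @error set if the search failed
 */
gboolean
gsecret_service_search_sync (GSecretService *self, GHashTable *attributes,
                             GCancellable *cancellable, GList **unlocked,
                             GList **locked, GError **error)
{
	GSecretSync *sync;
	gboolean ret;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), FALSE);
	/* The async call bails out on this without ever calling back, which
	 * would leave the loop below running forever */
	g_return_val_if_fail (attributes != NULL, FALSE);
	g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE);
	g_return_val_if_fail (error == NULL || *error == NULL, FALSE);

	sync = _gsecret_sync_new ();
	g_main_context_push_thread_default (sync->context);

	gsecret_service_search (self, attributes, cancellable,
	                        _gsecret_sync_on_result, sync);

	g_main_loop_run (sync->loop);

	ret = gsecret_service_search_finish (self, sync->result, unlocked, locked, error);

	g_main_context_pop_thread_default (sync->context);
	_gsecret_sync_free (sync);

	return ret;
}

/* State of one GetSecrets operation */
typedef struct {
	GCancellable *cancellable;
	GVariant *in;           /* object paths to fetch secrets for */
	GVariant *out;          /* reply of the GetSecrets call, NULL until it arrives */
	GHashTable *items;      /* object path -> GSecretItem, only set by gsecret_service_get_secrets() */
} GetClosure;

/* Release a GetClosure and everything it owns; unset members must be NULL. */
static void
get_closure_free (gpointer data)
{
	GetClosure *closure = data;
	if (closure->in)
		g_variant_unref (closure->in);
	if (closure->out)
		g_variant_unref (closure->out);
	if (closure->items)
		g_hash_table_unref (closure->items);
	g_clear_object (&closure->cancellable);
	g_slice_free (GetClosure, closure);
}

/* Keep the GetSecrets reply, or the error, and complete the pending result. */
static void
on_get_secrets_complete (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	GetClosure *closure = g_simple_async_result_get_op_res_gpointer (res);
	GError *error = NULL;

	closure->out = g_dbus_proxy_call_finish (G_DBUS_PROXY (source), result, &error);
	if (error != NULL)
		g_simple_async_result_take_error (res, error);
	g_simple_async_result_complete (res);

	g_object_unref (res);
}

/* The session is ready (or failed): issue GetSecrets for the stored paths. */
static void
on_get_secrets_session (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	GetClosure *closure = g_simple_async_result_get_op_res_gpointer (res);
	GError *error = NULL;
	const gchar *session;

	session = gsecret_service_ensure_session_finish (GSECRET_SERVICE (source),
	                                                 result, &error);
	if (error != NULL) {
		g_simple_async_result_take_error (res, error);
		g_simple_async_result_complete (res);
	} else {
		g_dbus_proxy_call (G_DBUS_PROXY (source), "GetSecrets",
		                   g_variant_new ("(@aoo)", closure->in, session),
		                   G_DBUS_CALL_FLAGS_NO_AUTO_START, -1,
		                   closure->cancellable, on_get_secrets_complete,
		                   g_object_ref (res));
	}

	g_object_unref (res);
}

/*
 * gsecret_service_get_secret_for_path:
 *
 * Fetch the secret of the item at @object_path, establishing a session
 * first if needed. Complete with
 * gsecret_service_get_secret_for_path_finish() from @callback.
 */
void
gsecret_service_get_secret_for_path (GSecretService *self, const gchar *object_path,
                                     GCancellable *cancellable,
                                     GAsyncReadyCallback callback, gpointer user_data)
{
	GSimpleAsyncResult *res;
	GetClosure *closure;

	g_return_if_fail (GSECRET_IS_SERVICE (self));
	g_return_if_fail (object_path != NULL);
	g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));

	res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
	                                 gsecret_service_get_secret_for_path);

	/* Zeroed, because get_closure_free() inspects members that are only
	 * filled in later or not at all */
	closure = g_slice_new0 (GetClosure);
	closure->cancellable = cancellable ? g_object_ref (cancellable) : NULL;
	closure->in = g_variant_ref_sink (g_variant_new_objv (&object_path, 1));
	g_simple_async_result_set_op_res_gpointer (res, closure, get_closure_free);

	gsecret_service_ensure_session (self, cancellable,
	                                on_get_secrets_session, g_object_ref (res));

	g_object_unref (res);
}

/*
 * Decode the first secret of a GetSecrets reply.
 *
 * Returns: a new GSecretValue, or NULL if the reply is empty or its first
 * secret could not be decoded
 */
static GSecretValue *
service_decode_get_secrets_first (GSecretService *self, GVariant *out)
{
	GVariantIter *iter;
	GVariant *variant;
	GSecretValue *value = NULL;    /* stays NULL for an empty reply */
	const gchar *path;

	g_variant_get (out, "(a{o(oayays)})", &iter);
	if (g_variant_iter_next (iter, "{&o@(oayays)}", &path, &variant)) {
		value = _gsecret_service_decode_secret (self, variant);
		g_variant_unref (variant);
	}
	g_variant_iter_free (iter);
	return value;
}

/*
 * Decode every secret of a GetSecrets reply.
 *
 * Returns: a new table mapping object path to GSecretValue; entries that
 * could not be decoded are left out
 */
static GHashTable *
service_decode_get_secrets_all (GSecretService *self, GVariant *out)
{
	GVariantIter *iter;
	GVariant *variant;
	GHashTable *values;
	GSecretValue *value;
	gchar *path;

	values = g_hash_table_new_full (g_str_hash, g_str_equal,
	                                g_free, gsecret_value_unref);
	g_variant_get (out, "(a{o(oayays)})", &iter);

	/* g_variant_iter_loop() releases path and variant itself on each round */
	while (g_variant_iter_loop (iter, "{o@(oayays)}", &path, &variant)) {
		value = _gsecret_service_decode_secret (self, variant);
		if (value && path)
			g_hash_table_insert (values, g_strdup (path), value);
	}
	g_variant_iter_free (iter);
	return values;
}

/*
 * gsecret_service_get_secret_for_path_finish:
 *
 * Finish gsecret_service_get_secret_for_path().
 *
 * Returns: a new GSecretValue, or NULL with @error set on failure. NULL
 * without @error means the service returned no decodable secret.
 */
GSecretValue *
gsecret_service_get_secret_for_path_finish (GSecretService *self, GAsyncResult *result,
                                            GError **error)
{
	GSimpleAsyncResult *res;
	GetClosure *closure;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL);
	g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
	                      gsecret_service_get_secret_for_path), NULL);
	g_return_val_if_fail (error == NULL || *error == NULL, NULL);

	res = G_SIMPLE_ASYNC_RESULT (result);
	if (g_simple_async_result_propagate_error (res, error))
		return NULL;

	closure = g_simple_async_result_get_op_res_gpointer (res);
	return service_decode_get_secrets_first (self, closure->out);
}

/*
 * gsecret_service_get_secret_for_path_sync:
 *
 * Blocking variant of gsecret_service_get_secret_for_path().
 *
 * Returns: a new GSecretValue, or NULL
 */
GSecretValue *
gsecret_service_get_secret_for_path_sync (GSecretService *self, const gchar *object_path,
                                          GCancellable *cancellable, GError **error)
{
	GSecretSync *sync;
	GSecretValue *value;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL);
	/* Checked here too: the async call returns without calling back on
	 * this, and the loop below would never stop */
	g_return_val_if_fail (object_path != NULL, NULL);
	g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
	g_return_val_if_fail (error == NULL || *error == NULL, NULL);

	sync = _gsecret_sync_new ();
	g_main_context_push_thread_default (sync->context);

	gsecret_service_get_secret_for_path (self, object_path, cancellable,
	                                     _gsecret_sync_on_result, sync);

	g_main_loop_run (sync->loop);

	value = gsecret_service_get_secret_for_path_finish (self, sync->result, error);

	g_main_context_pop_thread_default (sync->context);
	_gsecret_sync_free (sync);

	return value;
}

/*
 * gsecret_service_get_secrets_for_paths:
 * @object_paths: NULL-terminated array of item object paths
 *
 * Fetch the secrets of several items by path. Complete with
 * gsecret_service_get_secrets_for_paths_finish() from @callback.
 */
void
gsecret_service_get_secrets_for_paths (GSecretService *self, const gchar **object_paths,
                                       GCancellable *cancellable,
                                       GAsyncReadyCallback callback, gpointer user_data)
{
	GSimpleAsyncResult *res;
	GetClosure *closure;

	g_return_if_fail (GSECRET_IS_SERVICE (self));
	g_return_if_fail (object_paths != NULL);
	g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));

	/* Tagged with this function so only the matching finish accepts it */
	res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
	                                 gsecret_service_get_secrets_for_paths);
	closure = g_slice_new0 (GetClosure);
	closure->cancellable = cancellable ? g_object_ref (cancellable) : NULL;
	closure->in = g_variant_ref_sink (g_variant_new_objv (object_paths, -1));
	g_simple_async_result_set_op_res_gpointer (res, closure, get_closure_free);

	gsecret_service_ensure_session (self, cancellable,
	                                on_get_secrets_session, g_object_ref (res));

	g_object_unref (res);
}

/*
 * gsecret_service_get_secrets_for_paths_finish:
 *
 * Finish gsecret_service_get_secrets_for_paths().
 *
 * Returns: a new table mapping object path to GSecretValue, or NULL with
 * @error set on failure
 */
GHashTable *
gsecret_service_get_secrets_for_paths_finish (GSecretService *self, GAsyncResult *result,
                                              GError **error)
{
	GSimpleAsyncResult *res;
	GetClosure *closure;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL);
	g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
	                      gsecret_service_get_secrets_for_paths), NULL);
	g_return_val_if_fail (error == NULL || *error == NULL, NULL);

	res = G_SIMPLE_ASYNC_RESULT (result);
	if (g_simple_async_result_propagate_error (res, error))
		return NULL;

	closure = g_simple_async_result_get_op_res_gpointer (res);
	return service_decode_get_secrets_all (self, closure->out);
}

/*
 * gsecret_service_get_secrets_for_paths_sync:
 *
 * Blocking variant of gsecret_service_get_secrets_for_paths().
 *
 * Returns: a new table mapping object path to GSecretValue, or NULL
 */
GHashTable *
gsecret_service_get_secrets_for_paths_sync (GSecretService *self, const gchar **object_paths,
                                            GCancellable *cancellable, GError **error)
{
	GSecretSync *sync;
	GHashTable *secrets;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL);
	/* Same check as the async call, which would otherwise never call back */
	g_return_val_if_fail (object_paths != NULL, NULL);
	g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
	g_return_val_if_fail (error == NULL || *error == NULL, NULL);

	sync = _gsecret_sync_new ();
	g_main_context_push_thread_default (sync->context);

	gsecret_service_get_secrets_for_paths (self, object_paths, cancellable,
	                                       _gsecret_sync_on_result, sync);

	g_main_loop_run (sync->loop);

	secrets = gsecret_service_get_secrets_for_paths_finish (self, sync->result, error);

	g_main_context_pop_thread_default (sync->context);
	_gsecret_sync_free (sync);

	return secrets;
}

/*
 * gsecret_service_get_secrets:
 * @items: list of GSecretItem to fetch secrets for
 *
 * Fetch the secrets of several items. Complete with
 * gsecret_service_get_secrets_finish() from @callback.
 */
void
gsecret_service_get_secrets (GSecretService *self, GList *items,
                             GCancellable *cancellable, GAsyncReadyCallback callback,
                             gpointer user_data)
{
	GSimpleAsyncResult *res;
	GetClosure *closure;
	GPtrArray *paths;
	const gchar *path;
	GList *l;

	g_return_if_fail (GSECRET_IS_SERVICE (self));
	g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));

	res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
	                                 gsecret_service_get_secrets);
	closure = g_slice_new0 (GetClosure);
	closure->cancellable = cancellable ? g_object_ref (cancellable) : NULL;
	closure->items = g_hash_table_new_full (g_str_hash, g_str_equal,
	                                        g_free, g_object_unref);

	/* The array borrows the path strings; the variant built from it copies them */
	paths = g_ptr_array_new ();
	for (l = items; l != NULL; l = g_list_next (l)) {
		path = g_dbus_proxy_get_object_path (l->data);
		g_hash_table_insert (closure->items, g_strdup (path), g_object_ref (l->data));
		g_ptr_array_add (paths, (gpointer)path);
	}

	closure->in = g_variant_new_objv ((const gchar * const *)paths->pdata, paths->len);
	g_variant_ref_sink (closure->in);

	g_ptr_array_free (paths, TRUE);
	g_simple_async_result_set_op_res_gpointer (res, closure, get_closure_free);

	gsecret_service_ensure_session (self, cancellable,
	                                on_get_secrets_session, g_object_ref (res));

	g_object_unref (res);
}

/*
 * gsecret_service_get_secrets_finish:
 *
 * Finish gsecret_service_get_secrets().
 *
 * Returns: a new table mapping GSecretItem to GSecretValue, holding its own
 * references on both, or NULL with @error set on failure
 */
GHashTable *
gsecret_service_get_secrets_finish (GSecretService *self, GAsyncResult *result,
                                    GError **error)
{
	GSimpleAsyncResult *res;
	GetClosure *closure;
	GHashTable *with_paths;
	GHashTable *with_items;
	GHashTableIter iter;
	const gchar *path;
	GSecretValue *value;
	GSecretItem *item;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL);
	/* Must match the tag set by gsecret_service_get_secrets() */
	g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
	                      gsecret_service_get_secrets), NULL);
	g_return_val_if_fail (error == NULL || *error == NULL, NULL);

	res = G_SIMPLE_ASYNC_RESULT (result);
	if (g_simple_async_result_propagate_error (res, error))
		return NULL;

	closure = g_simple_async_result_get_op_res_gpointer (res);
	with_paths = service_decode_get_secrets_all (self, closure->out);
	g_return_val_if_fail (with_paths != NULL, NULL);

	with_items = g_hash_table_new_full (g_direct_hash, g_direct_equal,
	                                    g_object_unref, gsecret_value_unref);

	/* Only secrets for items that were asked for are passed on */
	g_hash_table_iter_init (&iter, with_paths);
	while (g_hash_table_iter_next (&iter, (gpointer *)&path, (gpointer *)&value)) {
		item = g_hash_table_lookup (closure->items, path);
		if (item != NULL)
			g_hash_table_insert (with_items, g_object_ref (item),
			                     gsecret_value_ref (value));
	}

	g_hash_table_unref (with_paths);
	return with_items;
}

/*
 * gsecret_service_get_secrets_sync:
 *
 * Blocking variant of gsecret_service_get_secrets().
 *
 * Returns: a new table mapping GSecretItem to GSecretValue, or NULL
 */
GHashTable *
gsecret_service_get_secrets_sync (GSecretService *self, GList *items,
                                  GCancellable *cancellable, GError **error)
{
	GSecretSync *sync;
	GHashTable *secrets;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL);
	g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL);
	g_return_val_if_fail (error == NULL || *error == NULL, NULL);

	sync = _gsecret_sync_new ();
	g_main_context_push_thread_default (sync->context);

	gsecret_service_get_secrets (self, items, cancellable,
	                             _gsecret_sync_on_result, sync);

	g_main_loop_run (sync->loop);

	secrets = gsecret_service_get_secrets_finish (self, sync->result, error);

	g_main_context_pop_thread_default (sync->context);
	_gsecret_sync_free (sync);

	return secrets;
}

/* State of one Lock or Unlock operation */
typedef struct {
	GCancellable *cancellable;
	GSecretPrompt *prompt;  /* set when the service asked for a prompt */
	GHashTable *objects;    /* object path -> object, only for the object based API */
	GPtrArray *xlocked;     /* copies of the paths that were locked or unlocked */
} XlockClosure;

/* Release an XlockClosure and everything it owns; unset members must be NULL. */
static void
xlock_closure_free (gpointer data)
{
	XlockClosure *closure = data;
	g_clear_object (&closure->cancellable);
	g_clear_object (&closure->prompt);
	if (closure->xlocked)
		g_ptr_array_unref (closure->xlocked);
	if (closure->objects)
		g_hash_table_unref (closure->objects);
	g_slice_free (XlockClosure, closure);
}

/* The prompt finished: collect the paths it reports and complete. */
static void
on_xlock_prompted (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	XlockClosure *closure = g_simple_async_result_get_op_res_gpointer (res);
	GSecretService *self = GSECRET_SERVICE (source);
	GError *error = NULL;
	GVariantIter iter;
	GVariant *retval;
	gchar *path;
	gboolean ret;

	ret = gsecret_service_prompt_finish (self, result, &error);
	if (error != NULL)
		g_simple_async_result_take_error (res, error);

	if (ret) {
		retval = gsecret_prompt_get_result_value (closure->prompt,
		                                          G_VARIANT_TYPE ("ao"));
		/* NOTE(review): guarded in case no value of this type is
		 * available -- confirm what the prompt returns then */
		if (retval != NULL) {
			g_variant_iter_init (&iter, retval);
			while (g_variant_iter_loop (&iter, "o", &path))
				g_ptr_array_add (closure->xlocked, g_strdup (path));
			g_variant_unref (retval);
		}
	}

	g_simple_async_result_complete (res);
	g_object_unref (res);
}

/*
 * The Lock or Unlock call returned. Without a prompt path the reply already
 * lists the affected objects; otherwise the prompt is run first.
 */
static void
on_xlock_called (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	XlockClosure *closure = g_simple_async_result_get_op_res_gpointer (res);
	GSecretService *self = GSECRET_SERVICE (g_async_result_get_source_object (user_data));
	const gchar *prompt = NULL;
	gchar **xlocked = NULL;
	GError *error = NULL;
	GVariant *retval;
	guint i;

	retval = g_dbus_proxy_call_finish (G_DBUS_PROXY (source), result, &error);
	if (error != NULL) {
		g_simple_async_result_take_error (res, error);
		g_simple_async_result_complete (res);

	} else {
		g_variant_get (retval, "(^ao&o)", &xlocked, &prompt);

		if (_gsecret_util_empty_path (prompt)) {
			for (i = 0; xlocked[i]; i++)
				g_ptr_array_add (closure->xlocked, g_strdup (xlocked[i]));
			g_simple_async_result_complete (res);

		} else {
			closure->prompt = gsecret_prompt_instance (self, prompt);
			gsecret_service_prompt (self, closure->prompt, closure->cancellable,
			                        on_xlock_prompted, g_object_ref (res));
		}

		g_strfreev (xlocked);
		g_variant_unref (retval);
	}

	/* Drops the reference taken by g_async_result_get_source_object() */
	g_object_unref (self);
	g_object_unref (res);
}

/*
 * Call @method ("Lock" or "Unlock") on the service for the NULL-terminated
 * @paths.
 *
 * Returns: the pending result; the caller owns a reference and may attach
 * more state to its XlockClosure before returning to the main loop
 */
static GSimpleAsyncResult *
service_xlock_paths_async (GSecretService *self, const gchar *method,
                           const gchar **paths, GCancellable *cancellable,
                           GAsyncReadyCallback callback, gpointer user_data)
{
	GSimpleAsyncResult *res;
	XlockClosure *closure;

	res = g_simple_async_result_new (G_OBJECT (self), callback, user_data,
	                                 service_xlock_paths_async);

	/*
	 * Zeroed, because xlock_closure_free() tests the optional members, and
	 * the result array must exist before any callback appends to it.
	 */
	closure = g_slice_new0 (XlockClosure);
	closure->cancellable = cancellable ? g_object_ref (cancellable) : cancellable;
	closure->xlocked = g_ptr_array_new_with_free_func (g_free);
	g_simple_async_result_set_op_res_gpointer (res, closure, xlock_closure_free);

	g_dbus_proxy_call (G_DBUS_PROXY (self), method,
	                   g_variant_new ("(@ao)", g_variant_new_objv (paths, -1)),
	                   G_DBUS_CALL_FLAGS_NO_AUTO_START, -1,
	                   cancellable, on_xlock_called, g_object_ref (res));

	return res;
}

/*
 * Finish an operation started by service_xlock_paths_async().
 *
 * If @xlocked is not NULL it receives a NULL-terminated array of the
 * affected paths, to be released with g_strfreev().
 *
 * Returns: the number of affected objects, or -1 with @error set
 */
static gint
service_xlock_paths_finish (GSecretService *self, GAsyncResult *result,
                            gchar ***xlocked, GError **error)
{
	GSimpleAsyncResult *res;
	XlockClosure *closure;
	gint count;

	/* Every lock and unlock variant is started by service_xlock_paths_async() */
	g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self),
	                      service_xlock_paths_async), -1);

	res = G_SIMPLE_ASYNC_RESULT (result);
	if (g_simple_async_result_propagate_error (res, error))
		return -1;

	closure = g_simple_async_result_get_op_res_gpointer (res);
	count = closure->xlocked->len;

	if (xlocked != NULL) {
		/* Hand the strings to the caller; the closure must not free them */
		g_ptr_array_add (closure->xlocked, NULL);
		*xlocked = (gchar **)g_ptr_array_free (closure->xlocked, FALSE);
		closure->xlocked = NULL;
	}

	return count;
}

/*
 * Call @method ("Lock" or "Unlock") for a list of D-Bus proxy objects and
 * remember them by path, so the finish call can map paths back to objects.
 */
static void
service_xlock_async (GSecretService *self, const gchar *method, GList *objects,
                     GCancellable *cancellable, GAsyncReadyCallback callback,
                     gpointer user_data)
{
	GSimpleAsyncResult *res;
	XlockClosure *closure;
	GHashTable *table;
	GPtrArray *paths;
	const gchar *path;
	GList *l;

	table = g_hash_table_new_full (g_str_hash, g_str_equal,
	                               g_free, g_object_unref);
	paths = g_ptr_array_new ();

	for (l = objects; l != NULL; l = g_list_next (l)) {
		path = g_dbus_proxy_get_object_path (l->data);
		g_ptr_array_add (paths, (gpointer)path);
		g_hash_table_insert (table, g_strdup (path), g_object_ref (l->data));
	}
	g_ptr_array_add (paths, NULL);

	/* Pass the requested method on: a fixed "Lock" here would make an
	 * unlock request lock the objects instead */
	res = service_xlock_paths_async (self, method, (const gchar **)paths->pdata,
	                                 cancellable, callback, user_data);

	closure = g_simple_async_result_get_op_res_gpointer (res);
	closure->objects = table;

	g_ptr_array_free (paths, TRUE);
	g_object_unref (res);
}

/*
 * Finish an operation started by service_xlock_async().
 *
 * If @xlocked is not NULL it receives a list with a new reference to each
 * affected object.
 *
 * Returns: the number of affected objects, or -1 with @error set
 */
static gint
service_xlock_finish (GSecretService *self, GAsyncResult *result,
                      GList **xlocked, GError **error)
{
	XlockClosure *closure;
	gchar **paths = NULL;
	GObject *object;
	gint count;
	guint i;

	count = service_xlock_paths_finish (self, result,
	                                    xlocked ? &paths : NULL, error);

	if (count >= 0 && xlocked) {
		/* Also defined when nothing was affected */
		*xlocked = NULL;
		closure = g_simple_async_result_get_op_res_gpointer (G_SIMPLE_ASYNC_RESULT (result));
		for (i = 0; closure->objects != NULL && paths != NULL && paths[i] != NULL; i++) {
			object = g_hash_table_lookup (closure->objects, paths[i]);
			if (object != NULL)
				*xlocked = g_list_prepend (*xlocked, g_object_ref (object));
		}
		*xlocked = g_list_reverse (*xlocked);
	}

	/* The path array was only needed for the lookup above */
	g_strfreev (paths);
	return count;
}

/*
 * gsecret_service_lock:
 *
 * Lock @objects. Complete with gsecret_service_lock_finish() from @callback.
 */
void
gsecret_service_lock (GSecretService *self, GList *objects, GCancellable *cancellable,
                      GAsyncReadyCallback callback, gpointer user_data)
{
	g_return_if_fail (GSECRET_IS_SERVICE (self));
	g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));

	service_xlock_async (self, "Lock", objects, cancellable, callback, user_data);
}

/*
 * gsecret_service_lock_finish:
 * @locked: (out) (allow-none): list of the objects that were locked
 *
 * Finish gsecret_service_lock().
 *
 * Returns: the number of objects locked, or -1 on failure
 */
gint
gsecret_service_lock_finish (GSecretService *self, GAsyncResult *result,
                             GList **locked, GError **error)
{
	/* -1, not FALSE: zero would read as "succeeded, nothing locked" */
	g_return_val_if_fail (GSECRET_IS_SERVICE (self), -1);
	g_return_val_if_fail (error == NULL || *error == NULL, -1);

	return service_xlock_finish (self, result, locked, error);
}

/*
 * gsecret_service_lock_sync:
 *
 * Blocking variant of gsecret_service_lock().
 *
 * Returns: the number of objects locked, or -1 on failure
 */
gint
gsecret_service_lock_sync (GSecretService *self, GList *objects,
                           GCancellable *cancellable, GList **locked, GError **error)
{
	GSecretSync *sync;
	gint count;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), -1);
	g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), -1);
	g_return_val_if_fail (error == NULL || *error == NULL, -1);

	sync = _gsecret_sync_new ();
	g_main_context_push_thread_default (sync->context);

	gsecret_service_lock (self, objects, cancellable,
	                      _gsecret_sync_on_result, sync);

	g_main_loop_run (sync->loop);

	count = gsecret_service_lock_finish (self, sync->result, locked, error);

	g_main_context_pop_thread_default (sync->context);
	_gsecret_sync_free (sync);

	return count;
}

/*
 * gsecret_service_lock_paths_sync:
 *
 * Blocking variant of gsecret_service_lock_paths().
 *
 * Returns: the number of objects locked, or -1 on failure
 */
gint
gsecret_service_lock_paths_sync (GSecretService *self, const gchar **paths,
                                 GCancellable *cancellable, gchar ***locked,
                                 GError **error)
{
	GSecretSync *sync;
	gint count;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), -1);
	g_return_val_if_fail (paths != NULL, -1);
	g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), -1);
	g_return_val_if_fail (error == NULL || *error == NULL, -1);

	sync = _gsecret_sync_new ();
	g_main_context_push_thread_default (sync->context);

	gsecret_service_lock_paths (self, paths, cancellable,
	                            _gsecret_sync_on_result, sync);

	g_main_loop_run (sync->loop);

	count = gsecret_service_lock_paths_finish (self, sync->result, locked, error);

	g_main_context_pop_thread_default (sync->context);
	_gsecret_sync_free (sync);

	return count;
}

/*
 * gsecret_service_lock_paths:
 * @paths: NULL-terminated array of object paths
 *
 * Lock the objects at @paths. Complete with
 * gsecret_service_lock_paths_finish() from @callback.
 */
void
gsecret_service_lock_paths (GSecretService *self, const gchar **paths,
                            GCancellable *cancellable, GAsyncReadyCallback callback,
                            gpointer user_data)
{
	GSimpleAsyncResult *res;

	g_return_if_fail (GSECRET_IS_SERVICE (self));
	g_return_if_fail (paths != NULL);
	g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));

	res = service_xlock_paths_async (self, "Lock", paths, cancellable,
	                                 callback, user_data);

	g_object_unref (res);
}

/*
 * gsecret_service_lock_paths_finish:
 * @unlocked: (out): receives the paths that were locked; despite its name
 *            this is the result of the lock operation. Must not be NULL.
 *
 * Finish gsecret_service_lock_paths().
 *
 * Returns: the number of objects locked, or -1 on failure
 */
gint
gsecret_service_lock_paths_finish (GSecretService *self, GAsyncResult *result,
                                   gchar ***unlocked, GError **error)
{
	g_return_val_if_fail (GSECRET_IS_SERVICE (self), -1);
	g_return_val_if_fail (unlocked != NULL, -1);
	g_return_val_if_fail (error == NULL || *error == NULL, -1);

	return service_xlock_paths_finish (self, result, unlocked, error);
}

/*
 * gsecret_service_unlock_paths_sync:
 *
 * Blocking variant of gsecret_service_unlock_paths(). @unlocked must not
 * be NULL.
 *
 * Returns: the number of objects unlocked, or -1 on failure
 */
gint
gsecret_service_unlock_paths_sync (GSecretService *self, const gchar **paths,
                                   GCancellable *cancellable, gchar ***unlocked,
                                   GError **error)
{
	GSecretSync *sync;
	gint count;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), -1);
	g_return_val_if_fail (paths != NULL, -1);
	g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), -1);
	g_return_val_if_fail (unlocked != NULL, -1);
	g_return_val_if_fail (error == NULL || *error == NULL, -1);

	sync = _gsecret_sync_new ();
	g_main_context_push_thread_default (sync->context);

	gsecret_service_unlock_paths (self, paths, cancellable,
	                              _gsecret_sync_on_result, sync);

	g_main_loop_run (sync->loop);

	count = gsecret_service_unlock_paths_finish (self, sync->result,
	                                             unlocked, error);

	g_main_context_pop_thread_default (sync->context);
	_gsecret_sync_free (sync);

	return count;
}

/*
 * gsecret_service_unlock_paths:
 * @paths: NULL-terminated array of object paths
 *
 * Unlock the objects at @paths. Complete with
 * gsecret_service_unlock_paths_finish() from @callback.
 */
void
gsecret_service_unlock_paths (GSecretService *self, const gchar **paths,
                              GCancellable *cancellable, GAsyncReadyCallback callback,
                              gpointer user_data)
{
	GSimpleAsyncResult *res;

	g_return_if_fail (GSECRET_IS_SERVICE (self));
	g_return_if_fail (paths != NULL);
	g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));

	res = service_xlock_paths_async (self, "Unlock", paths, cancellable,
	                                 callback, user_data);

	g_object_unref (res);
}

/*
 * gsecret_service_unlock_paths_finish:
 * @unlocked: (out) (allow-none): receives the paths that were unlocked
 *
 * Finish gsecret_service_unlock_paths().
 *
 * Returns: the number of objects unlocked, or -1 on failure
 */
gint
gsecret_service_unlock_paths_finish (GSecretService *self, GAsyncResult *result,
                                     gchar ***unlocked, GError **error)
{
	g_return_val_if_fail (GSECRET_IS_SERVICE (self), -1);
	g_return_val_if_fail (error == NULL || *error == NULL, -1);

	return service_xlock_paths_finish (self, result, unlocked, error);
}

/*
 * gsecret_service_unlock:
 *
 * Unlock @objects. Complete with gsecret_service_unlock_finish() from
 * @callback.
 */
void
gsecret_service_unlock (GSecretService *self, GList *objects, GCancellable *cancellable,
                        GAsyncReadyCallback callback, gpointer user_data)
{
	g_return_if_fail (GSECRET_IS_SERVICE (self));
	g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));

	service_xlock_async (self, "Unlock", objects, cancellable, callback, user_data);
}

/*
 * gsecret_service_unlock_finish:
 * @unlocked: (out) (allow-none): list of the objects that were unlocked
 *
 * Finish gsecret_service_unlock(). The result is validated by the shared
 * helper against the tag that the lock and unlock operations really carry.
 *
 * Returns: the number of objects unlocked, or -1 on failure
 */
gint
gsecret_service_unlock_finish (GSecretService *self, GAsyncResult *result,
                               GList **unlocked, GError **error)
{
	g_return_val_if_fail (GSECRET_IS_SERVICE (self), -1);
	g_return_val_if_fail (error == NULL || *error == NULL, -1);

	return service_xlock_finish (self, result, unlocked, error);
}

/*
 * gsecret_service_unlock_sync:
 *
 * Blocking variant of gsecret_service_unlock().
 *
 * Returns: the number of objects unlocked, or -1 on failure
 */
gint
gsecret_service_unlock_sync (GSecretService *self, GList *objects,
                             GCancellable *cancellable, GList **unlocked,
                             GError **error)
{
	GSecretSync *sync;
	gint count;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), -1);
	g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), -1);
	g_return_val_if_fail (error == NULL || *error == NULL, -1);

	sync = _gsecret_sync_new ();
	g_main_context_push_thread_default (sync->context);

	gsecret_service_unlock (self, objects, cancellable,
	                        _gsecret_sync_on_result, sync);

	g_main_loop_run (sync->loop);

	count = gsecret_service_unlock_finish (self, sync->result,
	                                       unlocked, error);

	g_main_context_pop_thread_default (sync->context);
	_gsecret_sync_free (sync);

	return count;
}

/*
 * gsecret_service_prompt_sync:
 *
 * Run @prompt through the prompt_sync method of the service class.
 *
 * Returns: the result of that method, FALSE if a precondition failed
 */
gboolean
gsecret_service_prompt_sync (GSecretService *self, GSecretPrompt *prompt,
                             GCancellable *cancellable, GError **error)
{
	GSecretServiceClass *klass;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), FALSE);
	g_return_val_if_fail (GSECRET_IS_PROMPT (prompt), FALSE);
	g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE);
	g_return_val_if_fail (error == NULL || *error == NULL, FALSE);

	klass = GSECRET_SERVICE_GET_CLASS (self);
	g_return_val_if_fail (klass->prompt_sync != NULL, FALSE);

	return (klass->prompt_sync) (self, prompt, cancellable, error);
}

/*
 * gsecret_service_prompt:
 *
 * Start @prompt through the prompt_async method of the service class.
 * Complete with gsecret_service_prompt_finish() from @callback.
 */
void
gsecret_service_prompt (GSecretService *self, GSecretPrompt *prompt,
                        GCancellable *cancellable, GAsyncReadyCallback callback,
                        gpointer user_data)
{
	GSecretServiceClass *klass;

	g_return_if_fail (GSECRET_IS_SERVICE (self));
	g_return_if_fail (GSECRET_IS_PROMPT (prompt));
	g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable));

	klass = GSECRET_SERVICE_GET_CLASS (self);
	g_return_if_fail (klass->prompt_async != NULL);

	(klass->prompt_async) (self, prompt, cancellable, callback, user_data);
}

/*
 * gsecret_service_prompt_finish:
 *
 * Finish gsecret_service_prompt() through the prompt_finish method of the
 * service class.
 *
 * Returns: the result of that method, FALSE if a precondition failed
 */
gboolean
gsecret_service_prompt_finish (GSecretService *self, GAsyncResult *result,
                               GError **error)
{
	GSecretServiceClass *klass;

	g_return_val_if_fail (GSECRET_IS_SERVICE (self), FALSE);
	g_return_val_if_fail (G_IS_ASYNC_RESULT (result), FALSE);
	g_return_val_if_fail (error == NULL || *error == NULL, FALSE);

	klass = GSECRET_SERVICE_GET_CLASS (self);
	g_return_val_if_fail (klass->prompt_finish != NULL, FALSE);

	return (klass->prompt_finish) (self, result, error);
}

/* State of one store operation */
typedef struct {
	gchar *collection_path;
	GSecretValue *value;
	GCancellable *cancellable;
	GSecretPrompt *prompt;
	gboolean created;       /* outcome of the prompt, see on_store_prompt() */
} StoreClosure;

/* Release a StoreClosure and everything it owns. */
static void
store_closure_free (gpointer data)
{
	StoreClosure *closure = data;
	g_free (closure->collection_path);
	gsecret_value_unref (closure->value);
	g_clear_object (&closure->cancellable);
	g_clear_object (&closure->prompt);
	g_free (closure);
}

/*
 * gsecret_service_store:
 * @...: attribute arguments for @schema, read by
 *       _gsecret_util_attributes_for_varargs()
 *
 * Varargs front end for gsecret_service_storev(): collects the attributes
 * into a table and passes everything on.
 */
void
gsecret_service_store (GSecretService *self, const GSecretSchema *schema,
                       const gchar *collection_path, const gchar *label,
                       GSecretValue *value, GCancellable *cancellable,
                       GAsyncReadyCallback callback, gpointer user_data, ...)
{
	GHashTable *attributes;
	va_list va;

	g_return_if_fail (GSECRET_IS_SERVICE (self));
	g_return_if_fail (schema != NULL);
	g_return_if_fail (collection_path != NULL);
	g_return_if_fail (label != NULL);
	g_return_if_fail (value != NULL);

	va_start (va, user_data);
	attributes = _gsecret_util_attributes_for_varargs (schema, va);
	va_end (va);

	gsecret_service_storev (self, schema, attributes, collection_path,
	                        label, value, cancellable, callback, user_data);

	g_hash_table_unref (attributes);
}

/* The store prompt finished: record its outcome and complete. */
static void
on_store_prompt (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	StoreClosure *closure = g_simple_async_result_get_op_res_gpointer (res);
	GError *error = NULL;

	closure->created = gsecret_service_prompt_finish (GSECRET_SERVICE (source), result, &error);
	if (error != NULL)
		g_simple_async_result_take_error (res, error);

	g_simple_async_result_complete (res);
	g_object_unref (res);
}

static void
on_store_create (GObject *source, GAsyncResult *result, gpointer user_data)
{
	GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data);
	StoreClosure *closure = g_simple_async_result_get_op_res_gpointer (res);
	GSecretService *self = GSECRET_SERVICE (g_async_result_get_source_object (result));
	const gchar *prompt_path = NULL;
	const gchar *item_path = NULL;
	GError *error = NULL;
	GVariant *retval;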
retval = g_dbus_connection_call_finish (G_DBUS_CONNECTION (source), result, &error); if (error == NULL) { g_variant_get (retval, "(&o&o)", &item_path, &prompt_path); if (!_gsecret_util_empty_path (prompt_path)) { closure->prompt = gsecret_prompt_instance (self, prompt_path); gsecret_service_prompt (self, closure->prompt, closure->cancellable, on_store_prompt, g_object_ref (res)); } else { g_simple_async_result_complete (res); } g_variant_unref (retval); } else { g_simple_async_result_take_error (res, error); g_simple_async_result_complete (res); } g_object_unref (self); g_object_unref (res); } void gsecret_service_storev (GSecretService *self, const GSecretSchema *schema, GHashTable *attributes, const gchar *collection_path, const gchar *label, GSecretValue *value, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { GSimpleAsyncResult *res; GVariant *attrs; StoreClosure *closure; GVariantBuilder builder; GVariant *params; GDBusProxy *proxy; g_return_if_fail (GSECRET_IS_SERVICE (self)); g_return_if_fail (schema != NULL); g_return_if_fail (attributes != NULL); g_return_if_fail (collection_path != NULL); g_return_if_fail (label != NULL); g_return_if_fail (value != NULL); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); /* Build up the attributes */ attrs = _gsecret_util_variant_for_attributes (attributes); /* Build up the various properties */ g_variant_builder_init (&builder, G_VARIANT_TYPE ("a{sv}")); g_variant_builder_add (&builder, "{sv}", GSECRET_SERVICE_INTERFACE "Attributes", attrs); g_variant_builder_add (&builder, "{sv}", GSECRET_SERVICE_INTERFACE "Label", g_variant_new_string (label)); g_variant_builder_add (&builder, "{sv}", GSECRET_SERVICE_INTERFACE "Schema", g_variant_new_string (schema->schema_name)); res = g_simple_async_result_new (G_OBJECT (self), callback, user_data, gsecret_service_storev); closure = g_new0 (StoreClosure, 1); closure->collection_path = g_strdup (collection_path); 
closure->cancellable = cancellable ? g_object_ref (cancellable) : NULL; g_simple_async_result_set_op_res_gpointer (res, closure, store_closure_free); params = g_variant_new ("(&a{sv}&(oayays)b)", g_variant_builder_end (&builder), _gsecret_service_encode_secret (self, value), TRUE); proxy = G_DBUS_PROXY (self); g_dbus_connection_call (g_dbus_proxy_get_connection (proxy), g_dbus_proxy_get_name (proxy), closure->collection_path, GSECRET_COLLECTION_INTERFACE, "CreateItem", params, G_VARIANT_TYPE ("(oo)"), G_DBUS_CALL_FLAGS_NO_AUTO_START, -1, closure->cancellable, on_store_create, g_object_ref (res)); g_object_unref (res); } gboolean gsecret_service_store_finish (GSecretService *self, GAsyncResult *result, GError **error) { GSimpleAsyncResult *res; StoreClosure *closure; g_return_val_if_fail (GSECRET_IS_SERVICE (self), FALSE); g_return_val_if_fail (error == NULL || *error == NULL, FALSE); g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self), gsecret_service_storev), FALSE); res = G_SIMPLE_ASYNC_RESULT (result); if (!g_simple_async_result_propagate_error (res, error)) return FALSE; closure = g_simple_async_result_get_op_res_gpointer (res); return closure->created; } gboolean gsecret_service_store_sync (GSecretService *self, const GSecretSchema *schema, const gchar *collection_path, const gchar *label, GSecretValue *value, GCancellable *cancellable, GError **error, ...) 
{ GHashTable *attributes; gboolean ret; va_list va; g_return_val_if_fail (GSECRET_IS_SERVICE (self), FALSE); g_return_val_if_fail (schema != NULL, FALSE); g_return_val_if_fail (collection_path != NULL, FALSE); g_return_val_if_fail (label != NULL, FALSE); g_return_val_if_fail (value != NULL, FALSE); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE); g_return_val_if_fail (error == NULL || *error == NULL, FALSE); va_start (va, error); attributes = _gsecret_util_attributes_for_varargs (schema, va); va_end (va); ret = gsecret_service_storev_sync (self, schema, attributes, collection_path, label, value, cancellable, error); g_hash_table_unref (attributes); return ret; } gboolean gsecret_service_storev_sync (GSecretService *self, const GSecretSchema *schema, GHashTable *attributes, const gchar *collection_path, const gchar *label, GSecretValue *value, GCancellable *cancellable, GError **error) { GSecretSync *sync; gboolean ret; g_return_val_if_fail (GSECRET_IS_SERVICE (self), FALSE); g_return_val_if_fail (schema != NULL, FALSE); g_return_val_if_fail (attributes != NULL, FALSE); g_return_val_if_fail (collection_path != NULL, FALSE); g_return_val_if_fail (label != NULL, FALSE); g_return_val_if_fail (value != NULL, FALSE); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE); g_return_val_if_fail (error == NULL || *error == NULL, FALSE); sync = _gsecret_sync_new (); g_main_context_push_thread_default (sync->context); gsecret_service_storev (self, schema, attributes, collection_path, label, value, cancellable, _gsecret_sync_on_result, sync); g_main_loop_run (sync->loop); ret = gsecret_service_store_finish (self, sync->result, error); g_main_context_pop_thread_default (sync->context); _gsecret_sync_free (sync); return ret; } typedef struct { GSecretValue *value; GCancellable *cancellable; } LookupClosure; static void lookup_closure_free (gpointer data) { LookupClosure *closure = data; gsecret_value_unref 
(closure->value); g_clear_object (&closure->cancellable); g_slice_free (LookupClosure, closure); } void gsecret_service_lookup (GSecretService *self, const GSecretSchema *schema, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data, ...) { GHashTable *attributes; va_list va; g_return_if_fail (GSECRET_IS_SERVICE (self)); g_return_if_fail (schema != NULL); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); va_start (va, user_data); attributes = _gsecret_util_attributes_for_varargs (schema, va); va_end (va); gsecret_service_lookupv (self, attributes, cancellable, callback, user_data); g_hash_table_unref (attributes); } static void on_lookup_get_secret (GObject *source, GAsyncResult *result, gpointer user_data) { GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); LookupClosure *closure = g_simple_async_result_get_op_res_gpointer (res); GSecretService *self = GSECRET_SERVICE (source); GError *error = NULL; closure->value = gsecret_service_get_secret_for_path_finish (self, result, &error); if (error != NULL) g_simple_async_result_take_error (res, error); g_simple_async_result_complete (res); g_object_unref (res); } static void on_lookup_unlocked (GObject *source, GAsyncResult *result, gpointer user_data) { GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); LookupClosure *closure = g_simple_async_result_get_op_res_gpointer (res); GSecretService *self = GSECRET_SERVICE (source); GError *error = NULL; gchar **unlocked = NULL; gsecret_service_unlock_paths_finish (GSECRET_SERVICE (source), result, &unlocked, &error); if (error != NULL) { g_simple_async_result_take_error (res, error); g_simple_async_result_complete (res); } else if (unlocked && unlocked[0]) { gsecret_service_get_secret_for_path (self, unlocked[0], closure->cancellable, on_lookup_get_secret, g_object_ref (res)); } else { g_simple_async_result_complete (res); } g_strfreev (unlocked); g_object_unref (res); } static void on_lookup_searched (GObject 
*source, GAsyncResult *result, gpointer user_data) { GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); LookupClosure *closure = g_simple_async_result_get_op_res_gpointer (res); GSecretService *self = GSECRET_SERVICE (source); GError *error = NULL; gchar **unlocked = NULL; gchar **locked = NULL; gsecret_service_search_for_paths_finish (self, result, &unlocked, &locked, &error); if (error != NULL) { g_simple_async_result_take_error (res, error); g_simple_async_result_complete (res); } else if (unlocked && unlocked[0]) { gsecret_service_get_secret_for_path (self, unlocked[0], closure->cancellable, on_lookup_get_secret, g_object_ref (res)); } else if (locked && locked[0]) { const gchar *paths[] = { locked[0], NULL }; gsecret_service_unlock_paths (self, paths, closure->cancellable, on_lookup_unlocked, g_object_ref (res)); } else { g_simple_async_result_complete (res); } g_strfreev (unlocked); g_strfreev (locked); g_object_unref (res); } void gsecret_service_lookupv (GSecretService *self, GHashTable *attributes, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { GSimpleAsyncResult *res; LookupClosure *closure; g_return_if_fail (GSECRET_IS_SERVICE (self)); g_return_if_fail (attributes != NULL); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); res = g_simple_async_result_new (G_OBJECT (self), callback, user_data, gsecret_service_lookupv); closure = g_slice_new0 (LookupClosure); closure->cancellable = cancellable ? 
g_object_ref (cancellable) : NULL; g_simple_async_result_set_op_res_gpointer (res, closure, lookup_closure_free); gsecret_service_search_for_paths (self, attributes, cancellable, on_lookup_searched, g_object_ref (res)); g_object_unref (res); } GSecretValue * gsecret_service_lookup_finish (GSecretService *self, GAsyncResult *result, GError **error) { GSimpleAsyncResult *res; LookupClosure *closure; GSecretValue *value; g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL); g_return_val_if_fail (error == NULL || *error == NULL, NULL); g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self), gsecret_service_lookupv), NULL); res = G_SIMPLE_ASYNC_RESULT (result); if (g_simple_async_result_propagate_error (res, error)) return NULL; closure = g_simple_async_result_get_op_res_gpointer (res); value = closure->value; closure->value = NULL; return value; } GSecretValue * gsecret_service_lookup_sync (GSecretService *self, const GSecretSchema *schema, GCancellable *cancellable, GError **error, ...) 
{ GHashTable *attributes; GSecretValue *value; va_list va; g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL); g_return_val_if_fail (schema != NULL, NULL); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL); va_start (va, error); attributes = _gsecret_util_attributes_for_varargs (schema, va); va_end (va); value = gsecret_service_lookupv_sync (self, attributes, cancellable, error); g_hash_table_unref (attributes); return value; } GSecretValue * gsecret_service_lookupv_sync (GSecretService *self, GHashTable *attributes, GCancellable *cancellable, GError **error) { GSecretSync *sync; GSecretValue *value; g_return_val_if_fail (GSECRET_IS_SERVICE (self), NULL); g_return_val_if_fail (attributes != NULL, NULL); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), NULL); sync = _gsecret_sync_new (); g_main_context_push_thread_default (sync->context); gsecret_service_lookupv (self, attributes, cancellable, _gsecret_sync_on_result, sync); g_main_loop_run (sync->loop); value = gsecret_service_lookup_finish (self, sync->result, error); g_main_context_pop_thread_default (sync->context); _gsecret_sync_free (sync); return value; } typedef struct { GCancellable *cancellable; GSecretPrompt *prompt; gboolean deleted; } DeleteClosure; static void delete_closure_free (gpointer data) { DeleteClosure *closure = data; g_clear_object (&closure->prompt); g_clear_object (&closure->cancellable); g_slice_free (DeleteClosure, closure); } static void on_delete_prompted (GObject *source, GAsyncResult *result, gpointer user_data) { GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); DeleteClosure *closure = g_simple_async_result_get_op_res_gpointer (res); GError *error = NULL; gsecret_service_prompt_finish (GSECRET_SERVICE (source), result, &error); if (error == NULL) closure->deleted = TRUE; else g_simple_async_result_take_error (res, error); g_simple_async_result_complete (res); g_object_unref (res); } static void 
on_delete_complete (GObject *source, GAsyncResult *result, gpointer user_data) { GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); DeleteClosure *closure = g_simple_async_result_get_op_res_gpointer (res); GSecretService *self = GSECRET_SERVICE (g_async_result_get_source_object (user_data)); const gchar *prompt_path; GError *error = NULL; GVariant *retval; retval = g_dbus_connection_call_finish (G_DBUS_CONNECTION (source), result, &error); if (error == NULL) { g_variant_get (retval, "(&o)", &prompt_path); if (_gsecret_util_empty_path (prompt_path)) { closure->deleted = TRUE; g_simple_async_result_complete (res); } else { closure->prompt = gsecret_prompt_instance (self, prompt_path); gsecret_service_prompt (self, closure->prompt, closure->cancellable, on_delete_prompted, g_object_ref (res)); } g_variant_unref (retval); } else { g_simple_async_result_take_error (res, error); g_simple_async_result_complete (res); } g_object_unref (self); g_object_unref (res); } void gsecret_service_delete_path (GSecretService *self, const gchar *item_path, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { GSimpleAsyncResult *res; DeleteClosure *closure; g_return_if_fail (GSECRET_IS_SERVICE (self)); g_return_if_fail (item_path != NULL); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); res = g_simple_async_result_new (G_OBJECT (self), callback, user_data, gsecret_service_delete_path); closure = g_slice_new0 (DeleteClosure); closure->cancellable = cancellable ? 
g_object_ref (cancellable) : NULL; g_simple_async_result_set_op_res_gpointer (res, closure, delete_closure_free); g_dbus_connection_call (g_dbus_proxy_get_connection (G_DBUS_PROXY (self)), g_dbus_proxy_get_name (G_DBUS_PROXY (self)), item_path, GSECRET_ITEM_INTERFACE, "Delete", g_variant_new ("()"), G_VARIANT_TYPE ("(o)"), G_DBUS_CALL_FLAGS_NO_AUTO_START, -1, cancellable, on_delete_complete, g_object_ref (res)); g_object_unref (res); } gboolean gsecret_service_delete_path_finish (GSecretService *self, GAsyncResult *result, GError **error) { GSimpleAsyncResult *res; DeleteClosure *closure; g_return_val_if_fail (GSECRET_IS_SERVICE (self), FALSE); g_return_val_if_fail (error == NULL || *error == NULL, FALSE); g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self), gsecret_service_delete_path), FALSE); res = G_SIMPLE_ASYNC_RESULT (result); if (g_simple_async_result_propagate_error (res, error)) return FALSE; closure = g_simple_async_result_get_op_res_gpointer (res); return closure->deleted; } gboolean gsecret_service_delete_path_sync (GSecretService *self, const gchar *item_path, GCancellable *cancellable, GError **error) { GSecretSync *sync; gboolean result; g_return_val_if_fail (GSECRET_IS_SERVICE (self), FALSE); g_return_val_if_fail (item_path != NULL, FALSE); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE); g_return_val_if_fail (error == NULL || *error == NULL, FALSE); sync = _gsecret_sync_new (); g_main_context_push_thread_default (sync->context); gsecret_service_delete_path (self, item_path, cancellable, _gsecret_sync_on_result, sync); g_main_loop_run (sync->loop); result = gsecret_service_delete_path_finish (self, sync->result, error); g_main_context_pop_thread_default (sync->context); _gsecret_sync_free (sync); return result; } static void on_delete_password_complete (GObject *source, GAsyncResult *result, gpointer user_data) { GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); GSecretService 
*self = GSECRET_SERVICE (g_async_result_get_source_object (user_data)); DeleteClosure *closure = g_simple_async_result_get_op_res_gpointer (res); GError *error = NULL; closure->deleted = gsecret_service_delete_path_finish (self, result, &error); if (error != NULL) g_simple_async_result_take_error (res, error); g_simple_async_result_complete (res); g_object_unref (self); g_object_unref (res); } static void on_search_delete_password (GObject *source, GAsyncResult *result, gpointer user_data) { GSimpleAsyncResult *res = G_SIMPLE_ASYNC_RESULT (user_data); DeleteClosure *closure = g_simple_async_result_get_op_res_gpointer (res); GSecretService *self = GSECRET_SERVICE (g_async_result_get_source_object (user_data)); const gchar *path = NULL; GError *error = NULL; gchar **locked; gchar **unlocked; gsecret_service_search_for_paths_finish (self, result, &unlocked, &locked, &error); if (error != NULL) { g_simple_async_result_take_error (res, error); g_simple_async_result_complete (res); } else { /* Choose the first path */ if (unlocked && unlocked[0]) path = unlocked[0]; else if (locked && locked[0]) path = locked[0]; /* Nothing to delete? */ if (path == NULL) { closure->deleted = FALSE; g_simple_async_result_complete (res); /* Delete the first path */ } else { closure->deleted = TRUE; gsecret_service_delete_path (self, path, closure->cancellable, on_delete_password_complete, g_object_ref (res)); } } g_strfreev (locked); g_strfreev (unlocked); g_object_unref (self); g_object_unref (res); } void gsecret_service_remove (GSecretService *self, const GSecretSchema *schema, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data, ...) 
{ GHashTable *attributes; va_list va; g_return_if_fail (GSECRET_SERVICE (self)); g_return_if_fail (schema != NULL); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); va_start (va, user_data); attributes = _gsecret_util_attributes_for_varargs (schema, va); va_end (va); gsecret_service_removev (self, attributes, cancellable, callback, user_data); g_hash_table_unref (attributes); } void gsecret_service_removev (GSecretService *self, GHashTable *attributes, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { GSimpleAsyncResult *res; DeleteClosure *closure; g_return_if_fail (GSECRET_SERVICE (self)); g_return_if_fail (attributes != NULL); g_return_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable)); res = g_simple_async_result_new (G_OBJECT (self), callback, user_data, gsecret_service_remove); closure = g_slice_new0 (DeleteClosure); closure->cancellable = cancellable ? g_object_ref (cancellable) : NULL; g_simple_async_result_set_op_res_gpointer (res, closure, delete_closure_free); gsecret_service_search_for_paths (self, attributes, cancellable, on_search_delete_password, g_object_ref (res)); g_object_unref (res); } gboolean gsecret_service_remove_finish (GSecretService *self, GAsyncResult *result, GError **error) { GSimpleAsyncResult *res; DeleteClosure *closure; g_return_val_if_fail (GSECRET_IS_SERVICE (self), FALSE); g_return_val_if_fail (error == NULL || *error == NULL, FALSE); g_return_val_if_fail (g_simple_async_result_is_valid (result, G_OBJECT (self), gsecret_service_remove), FALSE); res = G_SIMPLE_ASYNC_RESULT (result); if (g_simple_async_result_propagate_error (res, error)) return FALSE; closure = g_simple_async_result_get_op_res_gpointer (res); return closure->deleted; } gboolean gsecret_service_remove_sync (GSecretService *self, const GSecretSchema* schema, GCancellable *cancellable, GError **error, ...) 
{ GHashTable *attributes; gboolean result; va_list va; g_return_val_if_fail (GSECRET_IS_SERVICE (self), FALSE); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE); g_return_val_if_fail (error == NULL || *error == NULL, FALSE); va_start (va, error); attributes = _gsecret_util_attributes_for_varargs (schema, va); va_end (va); result = gsecret_service_removev_sync (self, attributes, cancellable, error); g_hash_table_unref (attributes); return result; } gboolean gsecret_service_removev_sync (GSecretService *self, GHashTable *attributes, GCancellable *cancellable, GError **error) { GSecretSync *sync; gboolean result; g_return_val_if_fail (GSECRET_IS_SERVICE (self), FALSE); g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE); g_return_val_if_fail (error == NULL || *error == NULL, FALSE); sync = _gsecret_sync_new (); g_main_context_push_thread_default (sync->context); gsecret_service_removev (self, attributes, cancellable, _gsecret_sync_on_result, sync); g_main_loop_run (sync->loop); result = gsecret_service_remove_finish (self, sync->result, error); g_main_context_pop_thread_default (sync->context); _gsecret_sync_free (sync); return result; }