[gnome-keyring/wip/dueno/ssh-agent: 1/5] ssh-agent: assorted minor adjustments
- From: Daiki Ueno <dueno src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-keyring/wip/dueno/ssh-agent: 1/5] ssh-agent: assorted minor adjustments
- Date: Wed, 13 Dec 2017 16:54:30 +0000 (UTC)
commit 38242a17da6fc903e5d253a652f8da5ef27027b8
Author: Daiki Ueno <dueno src gnome org>
Date: Mon Dec 11 15:22:57 2017 +0100
ssh-agent: assorted minor adjustments
configure.ac | 8 +-
daemon/gkd-pkcs11.c | 1 -
daemon/ssh-agent/Makefile.am | 19 ++++
daemon/ssh-agent/gkd-ssh-agent-client.c | 2 +-
daemon/ssh-agent/gkd-ssh-agent-ops.c | 5 +-
daemon/ssh-agent/gkd-ssh-agent-preload.c | 39 +++------
daemon/ssh-agent/gkd-ssh-interaction.c | 26 ++++++
daemon/ssh-agent/gkd-ssh-openssh.c | 23 +++++-
daemon/ssh-agent/test-gkd-ssh-openssh.c | 86 ++++++++++++++++++
daemon/ssh-agent/test-ssh-openssh.c | 138 ------------------------------
10 files changed, 174 insertions(+), 173 deletions(-)
---
diff --git a/configure.ac b/configure.ac
index d2b4b7b..ce1b031 100644
--- a/configure.ac
+++ b/configure.ac
@@ -12,7 +12,7 @@ GLIB_MIN=GLIB_VERSION_2_38
GLIB_MAX=GLIB_VERSION_2_38
GCK_REQ=3.3.4
-GCR_REQ=3.13.91
+GCR_REQ=3.27.3
GCRYPT_REQ=1.2.2
GCRYPT_LIBVER=1
@@ -349,12 +349,12 @@ AC_ARG_ENABLE([ssh-agent],
if test "$enable_ssh_agent" != "no"; then
AC_PATH_PROG([SSH_AGENT], [ssh-agent], [no])
- AC_PATH_PROG([SSH_ADD], [ssh-agent], [no])
+ AC_PATH_PROG([SSH_ADD], [ssh-add], [no])
if test "$SSH_AGENT" = "no" -o "$SSH_ADD" = "no"; then
AC_MSG_ERROR([the ssh-agent and ssh-add commands were not found])
fi
- AC_DEFINE_UNQUOTED(SSH_AGENT, "$SSH_AGENT", [The path to ssh-agent])
- AC_DEFINE_UNQUOTED(SSH_ADD, "$SSH_ADD", [The path to ssh-add])
+ AC_DEFINE_UNQUOTED(SSH_AGENT, "$SSH_AGENT", [The path to ssh-agent])
+ AC_DEFINE_UNQUOTED(SSH_ADD, "$SSH_ADD", [The path to ssh-add])
AC_DEFINE(WITH_SSH, 1, [Whether to build SSH agent or not])
ssh_status="yes"
else
diff --git a/daemon/gkd-pkcs11.c b/daemon/gkd-pkcs11.c
index 8821d01..1e9db20 100644
--- a/daemon/gkd-pkcs11.c
+++ b/daemon/gkd-pkcs11.c
@@ -66,7 +66,6 @@ gkd_pkcs11_initialize (void)
CK_FUNCTION_LIST_PTR gnome2_store;
CK_FUNCTION_LIST_PTR xdg_store;
CK_C_INITIALIZE_ARGS init_args;
- gboolean ret;
CK_RV rv;
/* Secrets */
diff --git a/daemon/ssh-agent/Makefile.am b/daemon/ssh-agent/Makefile.am
index 9f5f1db..ca41d82 100644
--- a/daemon/ssh-agent/Makefile.am
+++ b/daemon/ssh-agent/Makefile.am
@@ -21,3 +21,22 @@ libgkd_ssh_agent_la_SOURCES = \
$(NULL)
libgkd_ssh_agent_la_CFLAGS = \
$(DAEMON_CFLAGS)
+
+# Tests
+
+ssh_agent_CFLAGS = \
+ $(DAEMON_CFLAGS)
+
+ssh_agent_LIBS = \
+ $(DAEMON_LIBS) \
+ libgkd-ssh-agent.la
+
+ssh_agent_TESTS = \
+ test-gkd-ssh-openssh
+
+test_gkd_ssh_openssh_SOURCES = daemon/ssh-agent/test-gkd-ssh-openssh.c
+test_gkd_ssh_openssh_CFLAGS = $(ssh_agent_CFLAGS)
+test_gkd_ssh_openssh_LDADD = $(ssh_agent_LIBS)
+
+check_PROGRAMS += $(ssh_agent_TESTS)
+TESTS += $(ssh_agent_TESTS)
diff --git a/daemon/ssh-agent/gkd-ssh-agent-client.c b/daemon/ssh-agent/gkd-ssh-agent-client.c
index 98f2773..2cf44c4 100644
--- a/daemon/ssh-agent/gkd-ssh-agent-client.c
+++ b/daemon/ssh-agent/gkd-ssh-agent-client.c
@@ -167,7 +167,7 @@ gkd_ssh_agent_client_connect (void)
source = g_timeout_add_seconds (5, agent_ready_timeout, &timedout);
while (started && !ssh_agent_ready && !timedout) {
g_message ("waiting for agent: %u", (guint)timedout);
- g_main_context_iteration (NULL, TRUE);
+ g_main_context_iteration (NULL, FALSE);
}
g_source_remove (source);
g_message ("waited for agent");
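Review bot: With `may_block` now FALSE, `g_main_context_iteration (NULL, FALSE)` returns immediately when no source is ready, so this `while` loop busy-spins and emits one `g_message` per pass until the agent is ready or the 5-second timeout fires. That can burn a full core and flood the log with "waiting for agent" lines on every connect. If the non-blocking form is required, move the `g_message` out of the loop or make it `g_debug`. Otherwise keep the blocking call, since the timeout source attached just above should already wake the default context. gkd_ssh_agent_client_connect starts and ends outside the hunk, so the reason for the change is not visible here.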
diff --git a/daemon/ssh-agent/gkd-ssh-agent-ops.c b/daemon/ssh-agent/gkd-ssh-agent-ops.c
index f528a41..0669d0e 100644
--- a/daemon/ssh-agent/gkd-ssh-agent-ops.c
+++ b/daemon/ssh-agent/gkd-ssh-agent-ops.c
@@ -155,6 +155,9 @@ op_request_identities (GkdSshAgentCall *call)
egg_buffer_set_uint32 (call->resp, 5, added + g_hash_table_size (answer));
g_hash_table_unref (answer);
+ /* Set the correct total size of the payload */
+ egg_buffer_set_uint32 (call->resp, 0, call->resp->len - 4);
+
return TRUE;
}
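Review bot: The length prefix written at offset 0 is computed as `call->resp->len - 4` with no check that the response buffer holds at least 4 bytes or that earlier appends succeeded, and the return value of `egg_buffer_set_uint32` is ignored here as on the count write above. If the buffer is short or in a failed state, the subtraction wraps and a bogus frame length is sent to the client. A guard before the write, for example `if (egg_buffer_has_error (call->resp) || call->resp->len < 4) return FALSE;`, would keep the framing consistent. The start of op_request_identities is outside the hunk, so an equivalent check may already exist earlier.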
@@ -208,7 +211,7 @@ op_sign_request (GkdSshAgentCall *call)
GBytes *key;
/* If parsing the request fails, just pass through */
- if (egg_buffer_get_byte_array (call->resp, offset, &offset, &blob, &length)) {
+ if (egg_buffer_get_byte_array (call->req, offset, &offset, &blob, &length)) {
key = g_bytes_new (blob, length);
preload_key_if_necessary (call->ssh_agent, key);
g_bytes_unref (key);
diff --git a/daemon/ssh-agent/gkd-ssh-agent-preload.c b/daemon/ssh-agent/gkd-ssh-agent-preload.c
index 5595e43..cac8fb9 100644
--- a/daemon/ssh-agent/gkd-ssh-agent-preload.c
+++ b/daemon/ssh-agent/gkd-ssh-agent-preload.c
@@ -54,11 +54,8 @@ preload_free (gpointer data)
static gchar *
private_path_for_public (const gchar *public_path)
{
- gsize length;
-
- length = strlen (public_path);
- if (length > 4 && g_str_equal (public_path + (length - 4), ".pub"))
- return g_strndup (public_path, length - 4);
+ if (g_str_has_suffix (public_path, ".pub"))
+ return g_strndup (public_path, strlen (public_path) - 4);
return NULL;
}
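Review bot: The rewrite of private_path_for_public drops the old `length > 4` guard, so a `public_path` that is exactly `.pub` now yields an empty string instead of NULL. Callers probably pass full paths, which would make this unreachable, but the contract has changed silently. Either keep the guard, `if (strlen (public_path) > 4 && g_str_has_suffix (public_path, ".pub"))`, or add a comment stating that an empty private path can be returned.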
@@ -123,8 +120,10 @@ file_load_inlock (EggFileTracker *tracker,
public_key = gkd_ssh_openssh_parse_public_key (public_bytes, &comment);
if (public_key) {
preload = g_new0 (Preload, 1);
- preload->filename = g_strdup (path);
+ preload->filename = private_path;
+ private_path = NULL;
preload->public_key = public_key;
+ preload->private_file = private_bytes;
preload->comment = comment;
g_hash_table_replace (preloads_by_filename, preload->filename, preload);
g_hash_table_replace (preloads_by_key, preload->public_key, preload);
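Review bot: `preload->private_file = private_bytes;` stores the pointer without taking a reference or clearing the local, unlike `private_path`, which is set to NULL right after its handoff. If the remainder of file_load_inlock (outside this hunk) still unrefs `private_bytes` on exit, the preload keeps a dangling pointer that gkd_ssh_agent_preload_clear will later unref again. Following the assignment with `private_bytes = NULL;` makes the ownership transfer explicit. Separately, `preloads_by_filename` is now keyed by the private-key path rather than `path`, so any lookup or removal that still passes the public file name would miss the entry. The private key file contents also stay resident in ordinary heap from load time onward, which deserves a comment on the `private_file` field.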
@@ -229,10 +228,8 @@ gkd_ssh_agent_preload_clear (GBytes *key)
preload_lock_and_update ();
preload = g_hash_table_lookup (preloads_by_key, key);
- if (preload) {
- g_bytes_unref (preload->private_file);
- preload->private_file = NULL;
- }
+ if (preload)
+ g_clear_pointer (&preload->private_file, (GDestroyNotify) g_bytes_unref);
preload_unlock ();
}
@@ -246,12 +243,8 @@ gkd_ssh_agent_preload_clear_all (void)
preload_lock_and_update ();
g_hash_table_iter_init (&iter, preloads_by_key);
- while (g_hash_table_iter_next (&iter, NULL, (gpointer *)&preload)) {
- if (preload->private_file) {
- g_bytes_unref (preload->private_file);
- preload->private_file = NULL;
- }
- }
+ while (g_hash_table_iter_next (&iter, NULL, (gpointer *)&preload))
+ g_clear_pointer (&preload->private_file, (GDestroyNotify) g_bytes_unref);
preload_unlock ();
}
@@ -261,17 +254,9 @@ gkd_ssh_agent_preload_cleanup (void)
{
g_mutex_lock (&preload_mutex);
- if (preloads_by_key)
- g_hash_table_destroy (preloads_by_key);
- preloads_by_key = NULL;
-
- if (preloads_by_filename)
- g_hash_table_destroy (preloads_by_filename);
- preloads_by_filename = NULL;
-
- if (file_tracker)
- g_object_unref (file_tracker);
- file_tracker = NULL;
+ g_clear_pointer (&preloads_by_key, (GDestroyNotify) g_hash_table_unref);
+ g_clear_pointer (&preloads_by_filename, (GDestroyNotify) g_hash_table_unref);
+ g_clear_object (&file_tracker);
g_mutex_unlock (&preload_mutex);
}
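Review bot: Replacing `g_hash_table_destroy` with `g_hash_table_unref` changes teardown semantics: destroy removes every entry immediately, while unref releases the entries only when the last reference is dropped. If any other code holds a reference to `preloads_by_key` or `preloads_by_filename`, the Preload entries and their cached `private_file` bytes now outlive gkd_ssh_agent_preload_cleanup. Passing `(GDestroyNotify) g_hash_table_destroy` to the two `g_clear_pointer` calls keeps the previous behaviour. No other reference holder is visible in this diff, so this may be harmless in practice.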
diff --git a/daemon/ssh-agent/gkd-ssh-interaction.c b/daemon/ssh-agent/gkd-ssh-interaction.c
index f9d7470..aa3c99a 100644
--- a/daemon/ssh-agent/gkd-ssh-interaction.c
+++ b/daemon/ssh-agent/gkd-ssh-interaction.c
@@ -65,6 +65,30 @@ gkd_ssh_interaction_finalize (GObject *obj)
}
static void
+on_prompt_password (GObject *source_object,
+ GAsyncResult *result,
+ gpointer user_data)
+{
+ GTask *task = G_TASK (user_data);
+ GTlsPassword *password = g_task_get_task_data (task);
+ GcrPrompt *self = GCR_PROMPT (source_object);
+ GError *error = NULL;
+ const gchar *value;
+
+ value = gcr_prompt_password_finish (self, result, &error);
+ if (!value) {
+ g_task_return_error (task, error);
+ g_object_unref (task);
+ return;
+ }
+ g_tls_password_set_value (password, (const guchar *)value, strlen (value));
+ g_object_unref (self);
+
+ g_task_return_boolean (task, TRUE);
+ g_object_unref (task);
+}
+
+static void
on_prompt_open (GObject *source_object,
GAsyncResult *result,
gpointer user_data)
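Review bot: In on_prompt_password the `!value` branch passes `error` straight to `g_task_return_error`, but `gcr_prompt_password_finish` also returns NULL with no error set when the user dismisses the prompt, and `g_task_return_error` requires a non-NULL GError. The same branch skips the `g_object_unref (self)` that the success path performs, so the prompt reference appears to leak on cancel or failure, assuming the callback owns that reference as the success path implies. The branch should report cancellation explicitly and release the prompt on both paths. The trailing lines of this hunk belong to on_prompt_open, which continues outside it.

```c
	value = gcr_prompt_password_finish (self, result, &error);
	if (!value) {
		/* NULL without an error means the user dismissed the prompt */
		if (error)
			g_task_return_error (task, error);
		else
			g_task_return_new_error (task, G_IO_ERROR, G_IO_ERROR_CANCELLED,
			                         "The password prompt was cancelled");
		g_object_unref (self);
		g_object_unref (task);
		return;
	}
	/* … unchanged: g_tls_password_set_value, unref of self, success return … */
```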
@@ -101,6 +125,8 @@ on_prompt_open (GObject *source_object,
if (g_tls_password_get_flags (password) & G_TLS_PASSWORD_RETRY)
gcr_prompt_set_warning (prompt, _("The unlock password was incorrect"));
+ gcr_prompt_password_async (prompt, g_task_get_cancellable (task), on_prompt_password, g_object_ref
(task));
+
g_object_unref (task);
}
diff --git a/daemon/ssh-agent/gkd-ssh-openssh.c b/daemon/ssh-agent/gkd-ssh-openssh.c
index 5453f8c..29e4eca 100644
--- a/daemon/ssh-agent/gkd-ssh-openssh.c
+++ b/daemon/ssh-agent/gkd-ssh-openssh.c
@@ -1,3 +1,24 @@
+/*
+ * Copyright (C) 2014 Stef Walter
+ *
+ * Gnome keyring is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * Gnome keyring is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ * Author: Stef Walter <stef thewalter net>
+ */
+
+#include "config.h"
#include "gkd-ssh-openssh.h"
@@ -68,7 +89,7 @@ gkd_ssh_openssh_parse_public_key (GBytes *input,
/* Decode the base64 key */
save = state = 0;
decoded = g_malloc (n_data * 3 / 4);
- n_decoded = g_base64_decode_step ((gchar*)data, n_data, decoded, &state, &save);
+ n_decoded = g_base64_decode_step ((gchar*)data, at - data, decoded, &state, &save);
if (!n_decoded) {
g_free (decoded);
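Review bot: The decode length is now `at - data`, but the output buffer on the line above is still sized as `n_data * 3 / 4`, while GLib documents that `g_base64_decode_step` needs at least `(len / 4) * 3 + 3` bytes of output. Sizing from the same length that is passed in, `decoded = g_malloc ((at - data) / 4 * 3 + 3);`, keeps the allocation within that contract when the base64 field runs to the end of the input. How `at` is derived is outside the hunk, so confirm that it can never be NULL or precede `data` before the subtraction, since this data comes straight from a key file on disk.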
diff --git a/daemon/ssh-agent/test-gkd-ssh-openssh.c b/daemon/ssh-agent/test-gkd-ssh-openssh.c
new file mode 100644
index 0000000..e6249e7
--- /dev/null
+++ b/daemon/ssh-agent/test-gkd-ssh-openssh.c
@@ -0,0 +1,86 @@
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+/*
+ Copyright (C) 2008 Stefan Walter
+
+ The Gnome Keyring Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ The Gnome Keyring Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with the Gnome Library; see the file COPYING.LIB. If not,
+ <http://www.gnu.org/licenses/>.
+
+ Author: Stef Walter <stef memberwebs com>
+*/
+
+#include "config.h"
+
+#include "daemon/ssh-agent/gkd-ssh-openssh.h"
+
+#include <glib.h>
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+static struct {
+ const char *filename;
+ const char *encoded;
+} PUBLIC_FILES[] = {
+ { SRCDIR "/pkcs11/ssh-store/fixtures/id_rsa_test.pub",
+
"AAAAB3NzaC1yc2EAAAABIwAAAQEAoD6VKqkhay6pKHSRjAGWWfFPU8xfsi2gnOwP/B1UHDoztx3czhO+py/fTlhCnSP1jsjkrVIZcnzah2fUNFFRgS4+jROBtvbgHsS72V1E6+ZogV+mBJWWAhw0iPrmQ3Kvm38D3PByo5Y7yKO5kIG2LloYLjosJ5F4sx2xh0uz2wXNtnY1b5xhe2+VEksm9OB+FXaUkZC2fQrTNo8ZGFJQSFd8kUhIfbUDJmlYuZ+vvHM+A3Lc9rHyW4IPaRyxFQciRmb+ZQqU2uSdOXAhg17lskuX/q8yCI5Hy5eDicC222oUMdJTtYgwX4dQCU8TICWhxb3x4RCV+g7D99+tkIvv+w=="
},
+ { SRCDIR "/pkcs11/ssh-store/fixtures/id_dsa_test.pub",
+
"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"
}
+};
+
+#define COMMENT "A public key comment"
+
+static void
+test_parse_public (void)
+{
+ GBytes *input_bytes, *output_bytes;
+ gchar *comment;
+ guchar *data;
+ const guchar *blob;
+ gsize n_data;
+ gchar *encoded;
+ gsize i;
+
+ for (i = 0; i < G_N_ELEMENTS (PUBLIC_FILES); ++i) {
+ if (!g_file_get_contents (PUBLIC_FILES[i].filename, (gchar **)&data, &n_data, NULL))
+ g_assert_not_reached ();
+
+ input_bytes = g_bytes_new_take (data, n_data);
+ output_bytes = gkd_ssh_openssh_parse_public_key (input_bytes, &comment);
+ g_bytes_unref (input_bytes);
+ g_assert (output_bytes);
+
+ blob = g_bytes_get_data (output_bytes, &n_data);
+ encoded = g_base64_encode (blob, n_data);
+ g_bytes_unref (output_bytes);
+ g_assert_cmpstr (encoded, ==, PUBLIC_FILES[i].encoded);
+ g_free (encoded);
+
+ g_assert_cmpstr (comment, ==, COMMENT);
+ g_free (comment);
+ }
+}
+
+int
+main (int argc, char **argv)
+{
+#if !GLIB_CHECK_VERSION(2,35,0)
+ g_type_init ();
+#endif
+ g_test_init (&argc, &argv, NULL);
+
+ g_test_add_func ("/ssh-agent/openssh/parse_public", test_parse_public);
+
+ return g_test_run ();
+}
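Review bot: test_parse_public only feeds two well-formed key files to `gkd_ssh_openssh_parse_public_key`, so nothing pins the parser's behaviour on malformed input, which is the area this commit changes in gkd-ssh-openssh.c. A second test built from in-memory `GBytes` would cover it: empty input, a key type with no base64 field, truncated base64 and a line with no comment, each asserting a NULL return or the expected comment value. Also, `g_file_get_contents (..., NULL)` discards the GError, so a missing fixture fails with `g_assert_not_reached` and no reason. Passing a `GError **` and using `g_assert_no_error (error);` would make that failure diagnosable.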