Re: gnome-keyring Problems integrating DBus code into Gnome Keyring

From: "Sviatko, StephenX A" <stephenx a sviatko intel com>
To: Stef Walter <stefw collabora co uk>
Cc: "chrisrossimail gmail com" <chrisrossimail gmail com>, "gnome-keyring-list gnome org" <gnome-keyring-list gnome org>
Subject: Re: gnome-keyring Problems integrating DBus code into Gnome Keyring
Date: Wed, 25 May 2011 10:15:28 -0700

> Why are you using a different DBus connection? The separate connection
> needs probably needs to be integrated with the main loop properly. But
> multiple services can use the same connection without a problem. It
> doesn't seem necessary to me, but maybe I'm missing something.

That was not the way I originally wanted to do it, but initially I took a look at your dbus routines and realized that since I only needed to do something really simple, I thought I would drop in an existing dbus library that I had already written in order to save time. Not the most elegant solution I know, but it enabled us to get our communications mechanism working and tested in a single afternoon. We were not counting on there being any contention between the two dbus connections.

(snip)
> So that's basically how it would work. I don't think we need to handle
> the phase 1 of the NTLM challenge, just phase 3. But if necessary, we
> could extend that NtlmAuthentication interface to do both phases.
> 
> What do you think?

I think those are all fantastic ideas, but for our needs today I don't think we need to extend gkr to that degree just to get the other software we have written communicating with our sso module over dbus. All we need is a simple facility to send a text string (and maybe an integer) over dbus so our various modules can communicate with each other. (these pieces will be presented to the community later on as part of subsequent patches we are developing) I took a much closer look at the dbus routines in gkr yesterday and I have a few questions:

1. I am assuming I can use the dbus_conn in daemon/dbus/gkd-dbus.c to send/receive our data. In that source file there is a callback routine, message_handler_cb(), which appears to be the "main entry point" for all incoming dbus messages directed towards the daemon. Should we alter the match/filter to allow in our own messages on our own interface and then extend the if/else statement to check for our own incoming messages?

2. We will need to secure our messages. I took a look at the egg-dh routines that get called internally by Secret Service and I am assuming that I can use Diffie-Hellman to exchange a key and encrypt our dbus messages. Once we find a way to listen for our own messages, what would be the best way to use your existing encryption routines? 

I think it's important to mention that our dbus messages will not be directed towards the daemon or any other parts of gkr, but instead towards the sso module that we have installed on top of gkr. This is one of the reasons we chose to bypass your dbus routines in the first place but it looks like we will need to use them after all. I spent a number of hours yesterday studying your code and getting ideas how to implement what we want, but I know that you would probably have recommendations on how to do it efficiently and in the most elegant fashion. We would certainly appreciate any help you can give us to get a simple encrypted messaging facility working using your routines!

> 
> Cheers,
> 
> Stef

Thanks!

Steve Sviatko
stephenx a sviatko intel com

Follow-Ups:
- Re: gnome-keyring Problems integrating DBus code into Gnome Keyring
  - From: Stef Walter

References:
- Re: gnome-keyring Problems integrating DBus code into Gnome Keyring
  - From: Stef Walter

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]