Re: setEnvironmentVariable DBus method for wpasupplicant

Dan Williams wrote:
> I think the real fix for this is to get Gnome Keyring using D-Bus, not
> sockets.  That needs to be done anyway.  This sort of call in the
> supplicant seems really ugly to me.

Gnome Keyring supports a variety of standards and access methods for
various things. It sits as a bridge between a bunch of technologies,
some ancient and some modern.

In this case wpasupplicant accessing gnome-keyring PKCS#11 via which
is a standardized API for public key access and crypto operations. This
API is provided by a module.

Internally a socket it used to connect from the module to the
gnome-keyring daemon. Why isn't Dbus used for this connection? We tried
hard to make that work, but in the end:

 * DBus has a rigid locking and threading model is incompatible with
   the threading model of PKCS#11 modules.
 * DBus provides no credentials information on who the other side of the
   caller is.

This just isn't what DBus is designed for. This was discussed on the
DBus mailing list.

On the other hand, certain parts of gnome-keyring are exposed via DBus.
And you can get the appropriate socket path for the current user
session, via DBus.

Stef Walter

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]