25 #include "dbus-keyring.h"
26 #include "dbus-protocol.h"
27 #include <dbus/dbus-string.h>
28 #include <dbus/dbus-list.h>
29 #include <dbus/dbus-sysdeps.h>
/* Key-lifetime policy, all values in seconds.
 *
 * NEW_KEY_TIMEOUT_SECONDS is 300 (5 minutes) and EXPIRE_KEYS_TIMEOUT_SECONDS
 * is defined relative to it as 300 + 120 = 420 (7 minutes), so the expiry
 * limit is always 2 minutes longer than the new-key limit.
 *
 * NOTE(review): judging by the names and by the log messages in this file
 * ("dropping/ignoring ... old key", "No recent-enough key found in keyring"),
 * the first is presumably the age after which a key is no longer handed out
 * and a fresh one is generated, and the second the age at which a key is
 * dropped from the file. Confirm against the use sites.
 */
67 #define NEW_KEY_TIMEOUT_SECONDS (60*5)
73 #define EXPIRE_KEYS_TIMEOUT_SECONDS (NEW_KEY_TIMEOUT_SECONDS + (60*2))
/* 300 seconds (5 minutes).
 * NOTE(review): presumably the tolerated clock skew for key timestamps that
 * lie in the future. A larger value would keep future-dated keys acceptable
 * for longer. Confirm against the timestamp check.
 */
77 #define MAX_TIME_TRAVEL_SECONDS (60*5)
/* Cap on the number of keys in one keyring file: 10 when
 * DBUS_ENABLE_EMBEDDED_TESTS is defined, 256 in the second definition.
 * NOTE(review): the two definitions are presumably separated by an #else
 * that is not visible here. The cap presumably bounds how much of the file
 * is loaded. Confirm where it is enforced.
 */
83 #ifdef DBUS_ENABLE_EMBEDDED_TESTS
84 #define MAX_KEYS_IN_FILE 10
86 #define MAX_KEYS_IN_FILE 256
123 _dbus_keyring_new (
void)
/* Lock-file retry policy: up to 32 attempts, 250 ms apart. That is about
 * 8 seconds in total before the "Lock file timed out %d times, assuming
 * stale" message in this file applies.
 *
 * NOTE(review): the log messages indicate the lock file is deleted and
 * re-created once it is assumed stale. That is a time-based heuristic, not
 * proof that the previous holder is gone, so a slow but live holder could
 * overlap with the new one. Confirm the keyring write path tolerates that.
 */
191 #define MAX_LOCK_TIMEOUTS 32
193 #define LOCK_TIMEOUT_MILLISECONDS 250
209 _dbus_verbose (
"Did not get lock file, sleeping %d milliseconds (%s)\n",
222 _dbus_verbose (
"Lock file timed out %d times, assuming stale\n",
227 _dbus_verbose (
"Couldn't delete old lock file: %s\n",
236 _dbus_verbose (
"Couldn't create lock file after deleting stale one: %s\n",
269 if (keys[i].
id ==
id)
287 const unsigned char *s;
292 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
/* Assemble the key ID from four bytes, least significant byte first.
 * NOTE(review): assuming s is the `const unsigned char *` declared earlier
 * in this function, each s[n] is promoted to int before the shift. With
 * s[3] >= 0x80, `s[3] << 24` shifts into the sign bit of a 32-bit int,
 * which is undefined behavior for a signed left shift. Casting s[3] to an
 * unsigned 32-bit type before shifting avoids it. The type of id and any
 * later sign handling are not visible here. Confirm before changing.
 */
312 id = s[0] | (s[1] << 8) | (s[2] << 16) | (s[3] << 24);
317 if (find_key_by_id (keys, n_keys,
id) !=
NULL)
320 _dbus_verbose (
"Key ID %d already existed, trying another one\n",
325 _dbus_verbose (
"Creating key with ID %d\n",
id);
/* 24 bytes = 192 bits.
 * NOTE(review): presumably the amount of random data generated for each
 * key's secret (keys[].secret). The strength of the secret also depends on
 * the random source used, which is not visible here. Confirm at the
 * generation call.
 */
327 #define KEY_LENGTH_BYTES 24
354 keys[n_keys-1].
id = id;
357 &keys[n_keys-1].secret,
404 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
431 if (!_dbus_keyring_lock (keyring))
434 "Could not lock keyring file to add to it");
446 _dbus_verbose (
"Failed to load keyring file: %s\n",
455 _dbus_warn (
"Secret keyring file contains non-ASCII! Ignoring existing contents");
479 _dbus_verbose (
"could not parse secret key ID at start of line\n");
485 _dbus_verbose (
"invalid secret key ID at start of line\n");
495 _dbus_verbose (
"could not parse secret key timestamp\n");
503 _dbus_verbose (
"dropping/ignoring %ld-seconds old key with timestamp %ld as current time is %ld\n",
504 now - timestamp, timestamp, now);
512 if ((len - next) == 0)
514 _dbus_verbose (
"no secret key after ID and timestamp\n");
536 keys[n_keys-1].
id = id;
539 &keys[n_keys-1].secret, 0))
547 _dbus_verbose (
"invalid hex encoding in keyring file\n");
554 _dbus_verbose (
"Successfully loaded %d existing keys\n",
559 if (!add_new_key (&keys, &n_keys, error))
561 _dbus_verbose (
"Failed to generate new key: %s\n",
562 error ? error->
message :
"(unknown)");
579 keys[i].creation_time))
608 keyring->
keys = keys;
617 _dbus_keyring_unlock (keyring);
622 if (error && error->
name)
623 _dbus_verbose (
"error is %s: %s\n", error->
name, error->
message);
624 _dbus_warn (
"returning %d but error pointer %p name %s",
625 retval, error, error->
name ? error->
name :
"(none)");
715 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
720 "Unable to create DBus keyring when setuid");
726 our_credentials =
NULL;
734 if (credentials !=
NULL)
743 if (our_credentials ==
NULL)
756 keyring = _dbus_keyring_new ();
762 our_credentials =
NULL;
770 "Invalid context in keyring creation");
798 if (!_dbus_keyring_reload (keyring,
FALSE, &tmp_error))
800 _dbus_verbose (
"didn't load an existing keyring: %s\n",
813 _dbus_verbose (
"Creating keyring directory: %s\n",
853 _dbus_verbose (
"context is zero-length\n");
860 _dbus_verbose (
"context not valid ascii\n");
867 _dbus_verbose (
"context contains a slash\n");
873 _dbus_verbose (
"context contains a backslash\n");
882 _dbus_verbose (
"context contains a dot\n");
889 _dbus_verbose (
"context contains a blank\n");
895 _dbus_verbose (
"context contains a newline\n");
901 _dbus_verbose (
"context contains a carriage return\n");
912 long tv_sec, tv_usec;
917 while (i < keyring->n_keys)
921 _dbus_verbose (
"Key %d is %ld seconds old\n",
950 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
952 key = find_recent_key (keyring);
959 if (!_dbus_keyring_reload (keyring,
TRUE,
963 key = find_recent_key (keyring);
970 "No recent-enough key found in keyring, and unable to create a new key");
1009 key = find_key_by_id (keyring->
keys,
1022 #ifdef DBUS_ENABLE_EMBEDDED_TESTS
1023 #include "dbus-test.h"
1027 _dbus_keyring_test (
void)
1086 fprintf (stderr,
"Could not load keyring: %s\n", error.
message);
1097 fprintf (stderr,
"Different number of keys in keyrings\n");
1105 while (i < ring1->n_keys)
1109 fprintf (stderr,
"Keyring 1 has first key ID %d and keyring 2 has %d\n",
1116 fprintf (stderr,
"Keyring 1 has first key time %ld and keyring 2 has %ld\n",
1124 fprintf (stderr,
"Keyrings 1 and 2 have different secrets for same ID/timestamp\n");
1131 printf (
" %d keys in test\n", ring1->
n_keys);