From e254c0add860a0e320d9b0a44da135223a7c24ed Mon Sep 17 00:00:00 2001 From: Debarshi Ray Date: Tue, 20 Oct 2020 17:23:11 +0200 Subject: [PATCH 1/4] kerberos-identity-manager: Style fixes https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/merge_requests/61 --- src/goaidentity/goakerberosidentitymanager.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/goaidentity/goakerberosidentitymanager.c b/src/goaidentity/goakerberosidentitymanager.c index c35aa8b6..166a3f3e 100644 --- a/src/goaidentity/goakerberosidentitymanager.c +++ b/src/goaidentity/goakerberosidentitymanager.c @@ -1,6 +1,6 @@ /* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */ /* - * Copyright © 2012 – 2017 Red Hat, Inc. + * Copyright © 2012 – 2020 Red Hat, Inc. * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -833,9 +833,11 @@ get_new_credentials_cache (GoaKerberosIdentityManager *self, self->credentials_cache_type); supports_multiple_identities = FALSE; } - else if (g_strcmp0 (self->credentials_cache_type, "DIR") == 0 || g_strcmp0 (self->credentials_cache_type, "KEYRING") == 0) + else if (g_strcmp0 (self->credentials_cache_type, "DIR") == 0 + || g_strcmp0 (self->credentials_cache_type, "KEYRING") == 0) { - g_debug ("GoaKerberosIdentityManager: credential cache type %s supports cache collections", self->credentials_cache_type); + g_debug ("GoaKerberosIdentityManager: credential cache type %s supports cache collections", + self->credentials_cache_type); supports_multiple_identities = TRUE; } else -- GitLab From e1b3aec4ef24e72e483a6ac8c963df697da3309a Mon Sep 17 00:00:00 2001 From: Debarshi Ray Date: Tue, 20 Oct 2020 18:05:13 +0200 Subject: [PATCH 2/4] kerberos-identity-manager: List KCM as supporting multiple identities https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/merge_requests/61 --- src/goaidentity/goakerberosidentitymanager.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/goaidentity/goakerberosidentitymanager.c b/src/goaidentity/goakerberosidentitymanager.c index 166a3f3e..9657881f 100644 --- a/src/goaidentity/goakerberosidentitymanager.c +++ b/src/goaidentity/goakerberosidentitymanager.c @@ -834,6 +834,7 @@ get_new_credentials_cache (GoaKerberosIdentityManager *self, supports_multiple_identities = FALSE; } else if (g_strcmp0 (self->credentials_cache_type, "DIR") == 0 + || g_strcmp0 (self->credentials_cache_type, "KCM") == 0 || g_strcmp0 (self->credentials_cache_type, "KEYRING") == 0) { g_debug ("GoaKerberosIdentityManager: credential cache type %s supports cache collections", -- GitLab From f700eb8bcd56bd63cce1e8832f9c94b04ef1379d Mon Sep 17 00:00:00 2001 From: Debarshi Ray Date: Tue, 20 Oct 2020 19:46:11 +0200 Subject: [PATCH 3/4] kerberos-identity-manager: Shuffle some code around A subsequent commit will start using notifications from Kerberos KCM credential caches as supported by the KCM implementation in SSSD. This rearranges the code to make it easier to enable notifications for different credential cache types. https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/merge_requests/61 --- src/goaidentity/goakerberosidentitymanager.c | 57 +++++++++----------- 1 file changed, 26 insertions(+), 31 deletions(-) diff --git a/src/goaidentity/goakerberosidentitymanager.c b/src/goaidentity/goakerberosidentitymanager.c index 9657881f..50db6ed7 100644 --- a/src/goaidentity/goakerberosidentitymanager.c +++ b/src/goaidentity/goakerberosidentitymanager.c @@ -1341,7 +1341,6 @@ monitor_credentials_cache (GoaKerberosIdentityManager *self, GFileMonitor *monitor = NULL; krb5_error_code error_code; GError *monitoring_error = NULL; - gboolean can_monitor = TRUE; error_code = krb5_cc_default (self->kerberos_context, &default_cache); @@ -1362,13 +1361,6 @@ monitor_credentials_cache (GoaKerberosIdentityManager *self, cache_type = krb5_cc_get_type (self->kerberos_context, default_cache); g_assert (cache_type != NULL); - if (strcmp (cache_type, "FILE") != 0 && strcmp (cache_type, "DIR") != 0) - { - g_warning ("GoaKerberosIdentityManager: Using polling for change notification for credential cache type '%s'", - cache_type); - can_monitor = FALSE; - } - g_free (self->credentials_cache_type); self->credentials_cache_type = g_strdup (cache_type); @@ -1390,38 +1382,41 @@ monitor_credentials_cache (GoaKerberosIdentityManager *self, if (cache_path[0] == ':') cache_path++; - if (can_monitor) + if (strcmp (cache_type, "FILE") == 0) { GFile *file; file = g_file_new_for_path (cache_path); monitoring_error = NULL; - if (strcmp (cache_type, "FILE") == 0) - { - monitor = g_file_monitor_file (file, - G_FILE_MONITOR_NONE, - NULL, - &monitoring_error); - } - else if (strcmp (cache_type, "DIR") == 0) - { - GFile *directory; + monitor = g_file_monitor_file (file, G_FILE_MONITOR_NONE, NULL, &monitoring_error); - directory = g_file_get_parent (file); - monitor = g_file_monitor_directory (directory, - G_FILE_MONITOR_NONE, - NULL, - &monitoring_error); - g_object_unref (directory); + g_object_unref (file); + } + else if (strcmp (cache_type, "DIR") == 0) + { + GFile *directory; + GFile *file; - } + file = g_file_new_for_path (cache_path); + directory = g_file_get_parent (file); + + monitoring_error = NULL; + monitor = g_file_monitor_directory (directory, G_FILE_MONITOR_NONE, NULL, &monitoring_error); + + g_object_unref (directory); g_object_unref (file); } if (monitor == NULL) { - if (monitoring_error != NULL) + if (monitoring_error == NULL) + { + g_warning ("GoaKerberosIdentityManager: Using polling for change notification for credential " + "cache type '%s'", + cache_type); + } + else { g_warning ("GoaKerberosIdentityManager: Could not monitor credentials for %s (type %s), reverting to " "polling: %s", @@ -1430,7 +1425,10 @@ monitor_credentials_cache (GoaKerberosIdentityManager *self, monitoring_error != NULL? monitoring_error->message : ""); g_clear_error (&monitoring_error); } - can_monitor = FALSE; + + self->polling_timeout_id = g_timeout_add_seconds (FALLBACK_POLLING_INTERVAL, + (GSourceFunc) on_polling_timeout, + self); } else { @@ -1438,9 +1436,6 @@ monitor_credentials_cache (GoaKerberosIdentityManager *self, self->credentials_cache_monitor = monitor; } - if (!can_monitor) - self->polling_timeout_id = g_timeout_add_seconds (FALLBACK_POLLING_INTERVAL, (GSourceFunc) on_polling_timeout, self); - krb5_cc_close (self->kerberos_context, default_cache); return TRUE; -- GitLab From 9e7f91026c3aa420774d37ebec96a2e9e438556e Mon Sep 17 00:00:00 2001 From: Debarshi Ray Date: Tue, 20 Oct 2020 19:54:00 +0200 Subject: [PATCH 4/4] kerberos-identity-manager: Use notifications for KCM credential caches https://gitlab.gnome.org/GNOME/gnome-online-accounts/-/merge_requests/61 --- src/goaidentity/goakerberosidentitymanager.c | 30 ++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/src/goaidentity/goakerberosidentitymanager.c b/src/goaidentity/goakerberosidentitymanager.c index 50db6ed7..38014ab8 100644 --- a/src/goaidentity/goakerberosidentitymanager.c +++ b/src/goaidentity/goakerberosidentitymanager.c @@ -1407,6 +1407,36 @@ monitor_credentials_cache (GoaKerberosIdentityManager *self, g_object_unref (directory); g_object_unref (file); } + else if (strcmp (cache_type, "KCM") == 0) + { + GError *create_error = NULL; + GFile *directory = NULL; + GFile *file = NULL; + GFileOutputStream *stream = NULL; + const gchar *runtime_dir; + + runtime_dir = g_get_user_runtime_dir (); + directory = g_file_new_for_path (runtime_dir); + file = g_file_get_child (directory, ".kcm-notifications"); + + monitoring_error = NULL; + + stream = g_file_create (file, G_FILE_CREATE_NONE, NULL, &create_error); + if (create_error != NULL) + { + if (g_error_matches (create_error, G_IO_ERROR, G_IO_ERROR_EXISTS)) + g_error_free (create_error); + else + g_propagate_error (&monitoring_error, create_error); + } + + if (monitoring_error == NULL) + monitor = g_file_monitor_file (file, G_FILE_MONITOR_NONE, NULL, &monitoring_error); + + g_clear_object (&stream); + g_object_unref (directory); + g_object_unref (file); + } if (monitor == NULL) { -- GitLab