146
connect_to_daemon (const char *path)
146
connect_to_daemon (const char *control)
148
char path[MAXPATHLEN];
148
149
struct sockaddr_un addr;
152
/* First a bunch of checks to make sure nothing funny is going on */
153
/* Build up the directory name */
154
if (strlen (control) + strlen ("/control") + 1 >= MAXPATHLEN) {
155
syslog (GKR_LOG_ERR, "The gnome keyring socket directory is too long");
158
strcpy (path, control);
159
strcat (path, "/control");
161
/* A bunch of checks to make sure nothing funny is going on */
154
162
if (lstat (path, &st) < 0) {
155
syslog (GKR_LOG_ERR, "Couldn't access gnome keyring socket: %s: %s",
163
syslog (GKR_LOG_ERR, "Couldn't access gnome keyring socket: %s: %s",
156
164
path, strerror (errno));
177
185
sock = socket (AF_UNIX, SOCK_STREAM, 0);
179
syslog (GKR_LOG_ERR, "couldn't create socket: %s", strerror (errno));
187
syslog (GKR_LOG_ERR, "couldn't create control socket: %s", strerror (errno));
184
192
fcntl (sock, F_SETFD, 1);
186
194
if (connect (sock, (struct sockaddr*) &addr, sizeof (addr)) < 0) {
187
syslog (GKR_LOG_ERR, "couldn't connect to daemon at: %s: %s",
195
syslog (GKR_LOG_ERR, "couldn't connect to gnome-keyring-daemon socket at: %s: %s",
188
196
path, strerror (errno));
211
write_part (int fd, const unsigned char *data, int len, GnomeKeyringResult *res)
219
write_part (int fd, const unsigned char *data, int len, int *res)
215
223
/* Already an error present */
216
if (*res != GNOME_KEYRING_RESULT_OK)
224
if (*res != GKD_CONTROL_RESULT_OK)
264
static GnomeKeyringResult
265
keyring_daemon_op (const char *socket, GnomeKeyringOpCode op, int argc,
273
keyring_daemon_op (const char *control, int op, int argc, const char* argv[])
268
GnomeKeyringResult ret = GNOME_KEYRING_RESULT_OK;
275
int ret = GKD_CONTROL_RESULT_OK;
269
276
unsigned char buf[4];
270
277
int i, sock = -1;
276
283
* We only support operations with zero or more strings
277
284
* and an empty (only result code) return.
280
assert (op == GNOME_KEYRING_OP_UNLOCK_KEYRING ||
281
op == GNOME_KEYRING_OP_CREATE_KEYRING ||
282
op == GNOME_KEYRING_OP_CHANGE_KEYRING_PASSWORD);
287
assert (op == GKD_CONTROL_OP_CHANGE || op == GKD_CONTROL_OP_UNLOCK);
284
sock = connect_to_daemon (socket);
289
sock = connect_to_daemon (control);
290
/* Send the application packet / name */
291
egg_buffer_encode_uint32 (buf, PAM_APP_NAME_LEN + 8);
292
write_part (sock, buf, 4, &ret);
293
egg_buffer_encode_uint32 (buf, PAM_APP_NAME_LEN);
294
write_part (sock, buf, 4, &ret);
295
write_part (sock, (unsigned char*)PAM_APP_NAME, PAM_APP_NAME_LEN, &ret);
297
295
/* Calculate the packet length */
298
296
oplen = 8; /* The packet size, and op code */
299
297
for (i = 0; i < argc; ++i)
317
315
write_part (sock, (unsigned char*)argv[i], l, &ret);
320
if (ret != GNOME_KEYRING_RESULT_OK)
318
if (ret != GKD_CONTROL_RESULT_OK)
323
321
/* Read the response length */
324
322
if (read_part (sock, buf, 4) != 4) {
325
ret = GNOME_KEYRING_RESULT_IO_ERROR;
323
ret = GKD_CONTROL_RESULT_FAILED;
330
328
l = egg_buffer_decode_uint32 (buf);
332
330
syslog (GKR_LOG_ERR, "invalid length response from gnome-keyring-daemon: %d", l);
333
ret = GNOME_KEYRING_RESULT_IO_ERROR;
331
ret = GKD_CONTROL_RESULT_FAILED;
337
335
if (read_part (sock, buf, 4) != 4) {
338
ret = GNOME_KEYRING_RESULT_IO_ERROR;
336
ret = GKD_CONTROL_RESULT_FAILED;
341
339
ret = egg_buffer_decode_uint32 (buf);
351
gkr_pam_client_run_operation (struct passwd *pwd, const char *socket,
352
GnomeKeyringOpCode op, int argc, const char* argv[])
349
gkr_pam_client_run_operation (struct passwd *pwd, const char *control,
350
int op, int argc, const char* argv[])
354
352
struct sigaction ignpipe, oldpipe, defchld, oldchld;
355
GnomeKeyringResult res;
371
369
pwd->pw_uid == geteuid () && pwd->pw_gid == getegid ()) {
373
371
/* Already running as the right user, simple */
374
res = keyring_daemon_op (socket, op, argc, argv);
372
res = keyring_daemon_op (control, op, argc, argv);
389
387
setegid (pwd->pw_gid) < 0 || seteuid (pwd->pw_uid) < 0) {
390
388
syslog (GKR_LOG_ERR, "gkr-pam: couldn't switch to user: %s: %s",
391
389
pwd->pw_name, strerror (errno));
392
exit (GNOME_KEYRING_RESULT_IO_ERROR);
390
exit (GKD_CONTROL_RESULT_FAILED);
395
res = keyring_daemon_op (socket, op, argc, argv);
393
res = keyring_daemon_op (control, op, argc, argv);
397
395
return 0; /* Never reached */
401
399
if (wait (&status) != pid) {
402
400
syslog (GKR_LOG_ERR, "gkr-pam: couldn't wait on child process: %s",
403
401
strerror (errno));
404
res = GNOME_KEYRING_RESULT_IO_ERROR;
402
res = GKD_CONTROL_RESULT_FAILED;
407
405
res = WEXITSTATUS (status);
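Review bot: In connect_to_daemon the new length check bounds `control` plus "/control" against MAXPATHLEN, which protects the local `path` buffer for the `strcpy`/`strcat` that follow, but the string ends up as the address for `struct sockaddr_un addr`, whose `sun_path` is far smaller than MAXPATHLEN on common platforms. The copy into `addr.sun_path` is not visible on this page; if it is a bounded copy, an over-long directory would be silently truncated (and possibly left unterminated) after the `lstat` checks ran on the full name, so the path that was checked and the path that is connected to could differ. I would also reject on the tighter limit, `if (strlen (control) + strlen ("/control") + 1 > sizeof (addr.sun_path)) {`, and build the name with `snprintf (path, sizeof (path), "%s/control", control)` so that the bound and the copy cannot drift apart. The body of connect_to_daemon is only partly shown here, so confirm against the full function.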