1 /*
2 * gnome-keyring
3 *
4 * Copyright (C) 2008 Stefan Walter
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU Lesser General Public License as
8 * published by the Free Software Foundation; either version 2.1 of
9 * the License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this program; if not, see
18 * <http://www.gnu.org/licenses/>.
19 */
20
21 #include "config.h"
22
23 #include "gkd-secret-lock.h"
24 #include "gkd-secret-service.h"
25
26 #include "egg/egg-error.h"
27
28 #include "pkcs11/pkcs11i.h"
29
30 #include <gck/gck.h>
31
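/*
 * gkd_secret_lock:
 * @collection: the collection object to lock
 * @error_out: set to G_DBUS_ERROR_FAILED when the credential search fails
 *
 * Locks @collection by searching its session for every CKO_G_CREDENTIAL
 * object whose CKA_G_OBJECT attribute equals the collection's handle, and
 * destroying each one found.
 *
 * Returns: FALSE when the collection has no session (in which case
 * @error_out is left untouched) or when the search fails; TRUE otherwise.
 *
 * NOTE(review): a credential object that cannot be destroyed is only logged
 * and TRUE is still returned, so the return value alone does not prove that
 * no credential for the collection survives. Callers that report "locked"
 * to a client should confirm the locked state independently.
 */
gboolean
gkd_secret_lock (GckObject *collection,
                 GError **error_out)
{
	GckBuilder builder = GCK_BUILDER_INIT;
	GError *error = NULL;
	GList *objects, *l;
	GckSession *session;

	/*
	 * Resolve the session before filling the builder, so the early
	 * return below cannot leave builder attributes allocated.
	 */
	session = gck_object_get_session (collection);
	g_return_val_if_fail (session, FALSE);

	gck_builder_add_ulong (&builder, CKA_CLASS, CKO_G_CREDENTIAL);
	gck_builder_add_ulong (&builder, CKA_G_OBJECT, gck_object_get_handle (collection));

	objects = gck_session_find_objects (session, gck_builder_end (&builder), NULL, &error);

	/* The session reference is only needed for the search itself. */
	g_object_unref (session);

	if (error != NULL) {
		/*
		 * The detailed failure goes to the log; the D-Bus caller only
		 * receives a generic message.
		 */
		g_warning ("couldn't search for credential objects: %s", egg_error_message (error));
		g_set_error_literal (error_out, G_DBUS_ERROR,
		                     G_DBUS_ERROR_FAILED,
		                     "Couldn't lock collection");
		g_clear_error (&error);
		return FALSE;
	}

	/* Best effort: keep destroying the remaining credentials after a failure. */
	for (l = objects; l; l = g_list_next (l)) {
		if (!gck_object_destroy (l->data, NULL, &error)) {
			g_warning ("couldn't destroy credential object: %s", egg_error_message (error));
			g_clear_error (&error);
		}
	}

	gck_list_unref_free (objects);
	return TRUE;
}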
70
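/*
 * gkd_secret_lock_all:
 * @session: the session to search and to destroy objects through
 * @error_out: set to G_DBUS_ERROR_FAILED when either search fails
 *
 * Locks the whole service in two passes: first every CKO_G_CREDENTIAL
 * object with CKA_GNOME_TRANSIENT set to TRUE is destroyed, then every
 * CKO_SECRET_KEY object whose CKA_G_COLLECTION is "session" is destroyed.
 *
 * Returns: FALSE when either search fails, TRUE otherwise.
 *
 * NOTE(review): two outcomes can leave secret material behind and are worth
 * confirming against the callers. A failed destroy is only logged and TRUE
 * is still returned. A failure of the first search returns before the
 * session items are looked at, so they are not removed on that path.
 */
gboolean
gkd_secret_lock_all (GckSession *session,
                     GError **error_out)
{
	GckBuilder builder = GCK_BUILDER_INIT;
	GError *error = NULL;
	GList *objects, *l;

	/* Lock all the main collections */
	gck_builder_add_ulong (&builder, CKA_CLASS, CKO_G_CREDENTIAL);
	gck_builder_add_boolean (&builder, CKA_GNOME_TRANSIENT, TRUE);

	objects = gck_session_find_objects (session, gck_builder_end (&builder), NULL, &error);
	if (error != NULL) {
		/* Details stay in the log; the D-Bus caller gets a generic message. */
		g_warning ("couldn't search for credential objects: %s", egg_error_message (error));
		g_set_error_literal (error_out, G_DBUS_ERROR, G_DBUS_ERROR_FAILED, "Couldn't lock service");
		g_clear_error (&error);
		return FALSE;
	}

	/* Best effort: keep going after a credential that cannot be destroyed. */
	for (l = objects; l; l = g_list_next (l)) {
		if (!gck_object_destroy (l->data, NULL, &error)) {
			g_warning ("couldn't destroy credential object: %s", egg_error_message (error));
			g_clear_error (&error);
		}
	}

	/*
	 * Release the credential list before the variable is reused for the
	 * second search; otherwise the list and its object references leak on
	 * every call.
	 */
	gck_list_unref_free (objects);
	objects = NULL;

	/* Now delete all session objects */
	gck_builder_add_ulong (&builder, CKA_CLASS, CKO_SECRET_KEY);
	gck_builder_add_string (&builder, CKA_G_COLLECTION, "session");

	objects = gck_session_find_objects (session, gck_builder_end (&builder), NULL, &error);
	if (error != NULL) {
		g_warning ("couldn't search for session items: %s", egg_error_message (error));
		g_set_error_literal (error_out, G_DBUS_ERROR, G_DBUS_ERROR_FAILED, "Couldn't lock service");
		g_clear_error (&error);
		return FALSE;
	}

	for (l = objects; l; l = g_list_next (l)) {
		if (!gck_object_destroy (l->data, NULL, &error)) {
			g_warning ("couldn't destroy session item: %s", egg_error_message (error));
			g_clear_error (&error);
		}
	}

	gck_list_unref_free (objects);
	return TRUE;
}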
120