Hello Stefan,
Which service are you using for the tests? In my tests I've realized SSH
calls both get_identity() and confirm_ca_certificate() twice, but others
(gss-server or Apache) do not. Might that be the cause of this duplication?
Regards,
Alejandro
El 08/02/18 a las 15:40, Stefan Paetow escribió:
>> I can only see get_default_identity() being called once in util_moonshot.c:libMoonshotResolveDefaultIdentity(), which is called once from util_cred.c:gssResolveCredIdentity().
>>
>> Where are you seeing it called twice?
> Here's a trace I generated:
>
> -- start of trace --
>
> LIBMOONSHOT: Entered moonshot_get_identity(nai, password, service, ...)
> LIBMOONSHOT: Entered *get_dbus_proxy(...)
> LIBMOONSHOT: Entered *dbus_connect(...)
> LIBMOONSHOT: dbus_g_bus_get(DBUS_BUS_SESSION, ...)
> LIBMOONSHOT: dbconnection = dbus_g_connection_get_connection(connection)
> TRACE: IdentityManagerModel: store_type=IIDENTITY_CARD_STORE_STORE_TYPE_KEYRING
> TRACE: clear
> TRACE: load_id_cards
> TRACE: clear
> TRACE: load_id_cards: Loading card with display name 'No Identity'
> TRACE: add_id_card_widget: id_card.nai='@'; selected nai='[null selection]'
> TRACE: load_id_cards: Loading card with display name 'Steve @ This'
> TRACE: add_id_card_widget: [log in to unmask]; selected nai='[null selection]'
> TRACE: load_id_cards: Loading card with display name 'No Identity' and nai '@'
> TRACE: load_id_cards: Loading card with display name 'Steve @ This' and nai [log in to unmask]
> TRACE: MoonshotServer.<constructor>; app=non-null
> TRACE: main: explicitly_launched=false
> TRACE: bus_acquired_cb
> LIBMOONSHOT: g_proxy = dbus_g_proxy_new_for_name_owner(connection, ...)
> TRACE: init_ipc_server: name_acquired_closure; show_requested=false; conn=non-null; name='org.janet.Moonshot'
> TRACE: MoonshotServer.get_identity: nai=''; service='host/localhost'
> TRACE: MoonshotServer.get_identity: Calling request.execute()
> TRACE: select_identity: request.nai=
> TRACE: select_identity: No candidates; using service matching rules.
> TRACE: select_identity: Have 0 candidates; user must make selection.
> TRACE: clear
> TRACE: add_id_card_widget: id_card.nai='@'; selected nai='[null selection]'
> TRACE: add_id_card_widget: [log in to unmask]; selected nai='[null selection]'
> TRACE: MoonshotServer.get_identity: Back from request.execute()
> TRACE: widget_selected_cb: id_card_widget.id_card.display_name='Steve @ This'
> TRACE: check_add_password
> TRACE: clear
> TRACE: add_id_card_widget: id_card.nai='@'; selected [log in to unmask]
> TRACE: add_id_card_widget: [log in to unmask]; selected [log in to unmask]
> TRACE: add_id_card_widget: Expanding selected idcard widget
> TRACE: return_identity: duplicate_service=false
> TRACE: return_identity: calling add_service
> TRACE: return_identity: back from add_service
> TRACE: update_card
> TRACE: update_card
> TRACE: store_id_cards
> TRACE: on_card_list_changed
> TRACE: load_id_cards
> TRACE: clear
> TRACE: load_id_cards: Loading card with display name 'No Identity'
> TRACE: add_id_card_widget: id_card.nai='@'; selected [log in to unmask]
> TRACE: load_id_cards: Loading card with display name 'Steve @ This'
> TRACE: add_id_card_widget: [log in to unmask]; selected [log in to unmask]
> TRACE: add_id_card_widget: Expanding selected idcard widget
> TRACE: return_identity: invoking callback
> TRACE: MoonshotServer.get_identity: back from yield
> TRACE: MoonshotServer.get_identity: returning with [log in to unmask]
> LIBMOONSHOT: Entered *get_dbus_proxy(...)
> LIBMOONSHOT: Entered moonshot_confirm_ca_certificate(identity_name, realm, ...)
> TRACE: MoonshotServer.confirm_ca_certificate: nai='steve'; realm='example.com'; ca_hash='E2E7F16C56A104AE39882BB36CB2BB5F4EC8A1F7DC4F3F54BC86AE39DE9B93C9'
> TRACE: execute: expected cert='E2E7F16C56A104AE39882BB36CB2BB5F4EC8A1F7DC4F3F54BC86AE39DE9B93C9'; fingerprint='E2E7F16C56A104AE39882BB36CB2BB5F4EC8A1F7DC4F3F54BC86AE39DE9B93C9'
> TRACE: execute: Fingerprint for [log in to unmask] matches stored value; returning true.
> TRACE: return_confirmation: confirmed=true
> TRACE: return_confirmation[Idle handler]: invoking callback
> TRACE: MoonshotServer.confirm_ca_certificate: confirmed=1
>
> -- end of trace --
>
> With Regards
>
> Stefan Paetow
> Consultant, Trust and Identity
>
> t: +44 (0)1235 822 125
> gpg: 0x3FCE5142
> xmpp: [log in to unmask]
> skype: stefan.paetow.janet
>
> jisc.ac.uk
>
> Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.
>
>
|