[CCode (cname = "sqlite3_randomness")] public extern void randomness (int N, void *P); [GtkTemplate (ui = "/eu/callcc/audrey/setup.ui")] public class Setup : Adw.PreferencesDialog { public string status { get; private set; default = _("Not connected"); } public bool authn_can_edit { get; private set; default = true; } public bool authn_can_validate { get; private set; default = false; } public string server_url { get; set; default = ""; } public string username { get; set; default = ""; } public string password { get; set; default = ""; } public string token; public string salt; public signal void connected (Subsonic api); private Sqlite.Database db; private Sqlite.Statement db_get; private Sqlite.Statement db_set; construct { var app_config_dir = Path.build_filename (Environment.get_user_config_dir (), "audrey"); try { File.new_build_filename (app_config_dir).make_directory_with_parents (); } catch (Error e) { // just ignore if the directory already existed } int ec = Sqlite.Database.open (Path.build_filename (app_config_dir, "config.db"), out this.db); assert (ec == Sqlite.OK); ec = this.db.exec (""" CREATE TABLE IF NOT EXISTS Setup (key UNIQUE, value); """, null, null); assert (ec == Sqlite.OK); ec = this.db.prepare_v2 ("""SELECT value FROM Setup WHERE key IS ?1""", -1, out this.db_get); assert (ec == Sqlite.OK); ec = this.db.prepare_v2 ("""INSERT OR REPLACE INTO Setup VALUES (?1, ?2)""", -1, out this.db_set); assert (ec == Sqlite.OK); } [GtkCallback] private void on_authn_changed () { this.authn_can_validate = true; } [GtkCallback] private void on_authn_validate_activated () { this.authn_can_validate = false; this.authn_can_edit = false; this.status = _("Connecting..."); string new_token, new_salt; if (this.password != "") { this.salt_password (this.password, out new_token, out new_salt); } else { new_token = this.token; new_salt = this.salt; } var api = new Subsonic.with_token ( this.server_url, this.username, new_token, new_salt); api.ping.begin ((obj, res) => { try { api.ping.end (res); this.status = _("Connected"); this.token = new_token; this.salt = new_salt; this.save (); this.connected (api); } catch (Error e) { this.status = @"$(_("Ping failed")): $(e.message)"; this.authn_can_validate = true; } this.authn_can_edit = true; }); } public void load () { this.db_get.bind_text (1, "server_url"); if (this.db_get.step () == Sqlite.ROW) { this.server_url = this.db_get.column_text (0); } else { this.server_url = ""; } assert (this.db_get.reset () == Sqlite.OK); this.db_get.bind_text (1, "username"); if (this.db_get.step () == Sqlite.ROW) { this.username = this.db_get.column_text (0); } else { this.username = ""; } assert (this.db_get.reset () == Sqlite.OK); this.db_get.bind_text (1, "token"); if (this.db_get.step () == Sqlite.ROW) { this.token = this.db_get.column_text (0); } else { this.token = ""; } assert (this.db_get.reset () == Sqlite.OK); this.db_get.bind_text (1, "salt"); if (this.db_get.step () == Sqlite.ROW) { this.salt = this.db_get.column_text (0); } else { this.salt = ""; } assert (this.db_get.reset () == Sqlite.OK); this.password = ""; // first connection this.authn_can_validate = true; this.on_authn_validate_activated (); } private void salt_password (string password, out string token, out string salt) { uchar salt_bytes[8]; randomness (8, salt_bytes); uchar salt_chars[17]; for (int i = 0; i < 8; i += 1) { salt_chars[2*i+0] = "0123456789abcdef"[(salt_bytes[i]>>4)&0xf]; salt_chars[2*i+1] = "0123456789abcdef"[(salt_bytes[i]>>0)&0xf]; } salt_chars[16] = 0; var checksum = new Checksum (ChecksumType.MD5); checksum.update ((uchar[]) password, -1); checksum.update (salt_chars, 16); token = checksum.get_string (); salt = (string) salt_chars; } public void save () { this.db_set.bind_text (1, "server_url"); this.db_set.bind_text (2, this.server_url); assert (this.db_set.step () == Sqlite.DONE); assert (this.db_set.reset () == Sqlite.OK); this.db_set.bind_text (1, "username"); this.db_set.bind_text (2, this.username); assert (this.db_set.step () == Sqlite.DONE); assert (this.db_set.reset () == Sqlite.OK); this.db_set.bind_text (1, "token"); this.db_set.bind_text (2, this.token); assert (this.db_set.step () == Sqlite.DONE); assert (this.db_set.reset () == Sqlite.OK); this.db_set.bind_text (1, "salt"); this.db_set.bind_text (2, this.salt); assert (this.db_set.step () == Sqlite.DONE); assert (this.db_set.reset () == Sqlite.OK); this.password = ""; } }