[gnome-keyring] [daemon] Bring back feature to save password for keys.
- From: Stefan Walter <stefw src gnome org>
- To: svn-commits-list gnome org
- Cc:
- Subject: [gnome-keyring] [daemon] Bring back feature to save password for keys.
- Date: Sun, 7 Feb 2010 17:36:50 +0000 (UTC)
commit e588dbb870c985ae10151bf2428d497027bb90d3
Author: Stef Walter <stef memberwebs com>
Date: Sun Feb 7 17:35:22 2010 +0000
[daemon] Bring back feature to save password for keys.
For encryption keys (like SSH) the feature to save their passwords
in the login keyring was disabled. Reimplement that with the
new prompt.
daemon/dbus/gkd-secret-unlock.c | 8 +----
daemon/login/gkd-login.c | 14 +++++++--
daemon/login/gkd-login.h | 2 +-
daemon/pkcs11/gkd-pkcs11-auth.c | 58 +++++++++++++++++++-------------------
daemon/prompt/gkd-prompt.c | 8 +++++
daemon/prompt/gkd-prompt.h | 2 +
6 files changed, 53 insertions(+), 39 deletions(-)
---
diff --git a/daemon/dbus/gkd-secret-unlock.c b/daemon/dbus/gkd-secret-unlock.c
index c50a1ce..1df91be 100644
--- a/daemon/dbus/gkd-secret-unlock.c
+++ b/daemon/dbus/gkd-secret-unlock.c
@@ -248,7 +248,6 @@ attach_credential_to_login (GP11Object *collection, GP11Object *cred)
gsize n_value;
gchar *location;
gchar *label;
- gchar *display;
g_assert (GP11_IS_OBJECT (collection));
g_assert (GP11_IS_OBJECT (cred));
@@ -260,13 +259,10 @@ attach_credential_to_login (GP11Object *collection, GP11Object *cred)
label = label_string_for_attributes (attrs);
gp11_attributes_unref (attrs);
- display = g_strdup_printf (_("Unlock password for %s keyring"), label);
- g_free (label);
-
value = gp11_object_get_data_full (cred, CKA_VALUE, egg_secure_realloc, NULL, &n_value, &error);
if (value) {
if (g_utf8_validate (value, n_value, NULL))
- gkd_login_attach_secret (display, value, "keyring", location, NULL);
+ gkd_login_attach_secret (label, value, "keyring", location, NULL);
else
g_warning ("couldn't save non utf-8 unlock credentials in login keyring");
egg_secure_clear (value, n_value);
@@ -278,7 +274,7 @@ attach_credential_to_login (GP11Object *collection, GP11Object *cred)
}
g_free (location);
- g_free (display);
+ g_free (label);
}
static void
diff --git a/daemon/login/gkd-login.c b/daemon/login/gkd-login.c
index 704477c..61308f3 100644
--- a/daemon/login/gkd-login.c
+++ b/daemon/login/gkd-login.c
@@ -28,6 +28,8 @@
#include "pkcs11/gkd-pkcs11.h"
#include "pkcs11/pkcs11i.h"
+#include <glib/gi18n.h>
+
#include <string.h>
static gint unlock_failures = 0;
@@ -562,18 +564,19 @@ find_login_keyring_item (GP11Session *session, GP11Attribute *fields)
}
void
-gkd_login_attach_secret (const gchar *display_name, const gchar *secret,
+gkd_login_attach_secret (const gchar *label, const gchar *secret,
const gchar *first, ...)
{
GError *error = NULL;
GP11Attribute fields;
GP11Session *session;
GP11Module *module;
+ gchar *display_name;
GP11Object* item;
va_list va;
- if (display_name == NULL)
- display_name = "";
+ if (label == NULL)
+ label = _("Unnamed");
if (secret == NULL)
secret = "";
@@ -585,6 +588,8 @@ gkd_login_attach_secret (const gchar *display_name, const gchar *secret,
string_attribute_list_va (va, first, &fields);
va_end(va);
+ display_name = g_strdup_printf (_("Unlock password for: %s"), label);
+
item = find_login_keyring_item (session, &fields);
if (item) {
gp11_object_set (item, &error,
@@ -593,6 +598,7 @@ gkd_login_attach_secret (const gchar *display_name, const gchar *secret,
GP11_INVALID);
} else {
item = gp11_session_create_object (session, &error,
+ CKA_TOKEN, GP11_BOOLEAN, TRUE,
CKA_CLASS, GP11_ULONG, CKO_SECRET_KEY,
CKA_LABEL, strlen (display_name), display_name,
CKA_VALUE, strlen (secret), secret,
@@ -608,6 +614,8 @@ gkd_login_attach_secret (const gchar *display_name, const gchar *secret,
if (item)
g_object_unref (item);
+ g_free (display_name);
+ gp11_attribute_clear (&fields);
g_object_unref (session);
g_object_unref (module);
}
diff --git a/daemon/login/gkd-login.h b/daemon/login/gkd-login.h
index 7948b20..89157b1 100644
--- a/daemon/login/gkd-login.h
+++ b/daemon/login/gkd-login.h
@@ -35,7 +35,7 @@ gboolean gkd_login_did_unlock_fail (void);
gboolean gkd_login_is_usable (void);
-void gkd_login_attach_secret (const gchar *display_name,
+void gkd_login_attach_secret (const gchar *label,
const gchar *secret,
const gchar *first,
...);
diff --git a/daemon/pkcs11/gkd-pkcs11-auth.c b/daemon/pkcs11/gkd-pkcs11-auth.c
index e9cc232..a9f519b 100644
--- a/daemon/pkcs11/gkd-pkcs11-auth.c
+++ b/daemon/pkcs11/gkd-pkcs11-auth.c
@@ -298,10 +298,11 @@ init_user_prompt (CK_SESSION_HANDLE handle, CK_TOKEN_INFO *info,
gkd_prompt_set_secondary_text (prompt, secondary);
g_free (secondary);
-#if 0
- if (gkd_login_is_usable ())
- gkd_ask_request_set_check_option (ask, _("Automatically unlock secure storage when I log in."));
-#endif
+ if (gkd_login_is_usable ()) {
+ gkd_prompt_show_widget (prompt, "details_area");
+ gkd_prompt_show_widget (prompt, "lock_area");
+ gkd_prompt_hide_widget (prompt, "options_area");
+ }
/* Prompt the user */
gkd_prompt_request_attention_async (NULL, on_prompt_attention, prompt, NULL);
@@ -315,17 +316,15 @@ init_user_prompt (CK_SESSION_HANDLE handle, CK_TOKEN_INFO *info,
/* Successful response */
} else {
password = gkd_prompt_get_password (prompt, "password");
- password_to_pin (password, pin, pin_len);
-#if 0
- if (ask->checked) {
- gkd_login_attach_secret (label, ask->typed_password,
+ if (gkd_prompt_get_unlock_auto (prompt)) {
+ gkd_login_attach_secret (label, password,
"manufacturer", manufacturer,
"serial-number", serial,
NULL);
}
-#endif
+ password_to_pin (password, pin, pin_len);
ret = TRUE;
}
@@ -465,10 +464,11 @@ login_specific_prompt (CK_SESSION_HANDLE handle, CK_SESSION_INFO *info,
gkd_prompt_set_secondary_text (prompt, secondary);
g_free (secondary);
-#if 0
- if (object->unique && gkd_login_is_usable ())
- gkd_ask_request_set_check_option (ask, prepare_specific_check (object->klass));
-#endif
+ if (object->unique && gkd_login_is_usable ()) {
+ gkd_prompt_show_widget (prompt, "details_area");
+ gkd_prompt_show_widget (prompt, "lock_area");
+ gkd_prompt_hide_widget (prompt, "options_area");
+ }
/* Prompt the user */
gkd_prompt_request_attention_sync (NULL, on_prompt_attention, prompt, NULL);
@@ -479,16 +479,15 @@ login_specific_prompt (CK_SESSION_HANDLE handle, CK_SESSION_INFO *info,
/* Successful response */
else if (gkd_prompt_get_response (prompt) == GKD_RESPONSE_OK) {
password = gkd_prompt_get_password (prompt, "password");
- password_to_pin (password, pin, pin_len);
- ret = TRUE;
-#if 0
/* Store forever */
- if (ask->checked && object->unique && object->token) {
- gkd_login_attach_secret (object->label, ask->typed_password,
+ if (gkd_prompt_get_unlock_auto (prompt) && object->unique && object->token) {
+ gkd_login_attach_secret (object->label, password,
"unique", object->unique, NULL);
}
-#endif
+
+ password_to_pin (password, pin, pin_len);
+ ret = TRUE;
/* Other failures etc... */
} else {
@@ -601,10 +600,11 @@ login_user_prompt (CK_SESSION_HANDLE handle, CK_TOKEN_INFO *info,
gkd_prompt_set_secondary_text (prompt, secondary);
g_free (secondary);
-#if 0
- if (gkd_login_is_usable ())
- gkd_ask_request_set_check_option (ask, _("Automatically unlock secure storage when I log in."));
-#endif
+ if (gkd_login_is_usable ()) {
+ gkd_prompt_show_widget (prompt, "details_area");
+ gkd_prompt_show_widget (prompt, "lock_area");
+ gkd_prompt_hide_widget (prompt, "options_area");
+ }
/* Prompt the user */
gkd_prompt_request_attention_sync (NULL, on_prompt_attention, prompt, NULL);
@@ -619,17 +619,17 @@ login_user_prompt (CK_SESSION_HANDLE handle, CK_TOKEN_INFO *info,
/* Successful response */
} else {
password = gkd_prompt_get_password (prompt, "password");
- password_to_pin (password, pin, pin_len);
- ret = TRUE;
-#if 0
+
/* Store forever */
- if (ask->checked) {
- gkd_login_attach_secret (label, ask->typed_password,
+ if (gkd_prompt_get_unlock_auto (prompt)) {
+ gkd_login_attach_secret (label, password,
"manufacturer", manufacturer,
"serial-number", serial,
NULL);
}
-#endif
+
+ password_to_pin (password, pin, pin_len);
+ ret = TRUE;
}
g_free (manufacturer);
diff --git a/daemon/prompt/gkd-prompt.c b/daemon/prompt/gkd-prompt.c
index a8281f3..5c63833 100644
--- a/daemon/prompt/gkd-prompt.c
+++ b/daemon/prompt/gkd-prompt.c
@@ -881,6 +881,14 @@ gkd_prompt_set_unlock_options (GkdPrompt *self, GP11Attributes *attrs)
g_key_file_set_integer (self->pv->input, "unlock-options", "unlock-timeout", (int)uval);
}
+gboolean
+gkd_prompt_get_unlock_auto (GkdPrompt *self)
+{
+ g_return_val_if_fail (GKD_IS_PROMPT (self), FALSE);
+ g_return_val_if_fail (self->pv->output, FALSE);
+ return g_key_file_get_boolean (self->pv->output, "unlock-options", "unlock-auto", NULL);
+}
+
/* ----------------------------------------------------------------------------------
* ATTENTION QUEUES
*/
diff --git a/daemon/prompt/gkd-prompt.h b/daemon/prompt/gkd-prompt.h
index 9910a9f..b1ce18b 100644
--- a/daemon/prompt/gkd-prompt.h
+++ b/daemon/prompt/gkd-prompt.h
@@ -118,6 +118,8 @@ void gkd_prompt_get_unlock_options (GkdPrompt *self,
void gkd_prompt_set_unlock_options (GkdPrompt *self,
GP11Attributes *attrs);
+gboolean gkd_prompt_get_unlock_auto (GkdPrompt *self);
+
gboolean gkd_prompt_is_widget_selected (GkdPrompt *prompt,
const gchar *widget);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
