Branch: master

5d20ad97 2015-09-16 18:08:32 Timothy Pearson
Fix warnings regarding return value being ignored
M tdm/backend/client.c
diff --git a/tdm/backend/client.c b/tdm/backend/client.c
index 1dfd978..cb185bc 100644
--- a/tdm/backend/client.c
+++ b/tdm/backend/client.c
@@ -1114,7 +1114,9 @@
 #ifdef HAVE_INITGROUPS
 	if (initgroups( name, gid ) < 0) {
 		LogError( "initgroups for %s failed: %m\n", name );
-		setgid( 0 );
+		if (setgid(0) != 0) {
+			LogError("setgid(0) failed\n");
+		}
 		return 0;
 	}
 #endif	 /* QNX4 doesn't support multi-groups, no initgroups() */
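Review bot: The new `LogError("setgid(0) failed\n")` drops the errno text that the neighbouring `initgroups` message reports with `%m`, so a failed group reset in this privilege-handling path is logged without its cause. `LogError( "setgid(0) failed: %m\n" );` would match the surrounding style. The same applies to the `chdir( "/" )` message added in the second hunk of this file. The enclosing function starts and ends outside the hunk.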
@@ -1642,7 +1644,10 @@
 			}
 		} else {
 		  cdroot:
-			chdir( "/" );
+			if (chdir( "/" ) != 0) {
+				LogError( "Cannot change directory to %s\n", "/" );
+				goto logerr;
+			}
 		  tmperr:
 			ASPrintf( &lname, "/tmp/xerr-%s-%s", curuser, td->name );
 			unlink( lname );
@@ -1828,13 +1833,19 @@
 			exit( 0 );
 		if (!(data = iniLoad( fname ))) {
 			static const int m1 = -1;
-			write( pfd[1], &m1, sizeof(int) );
-			exit( 0 );
+			if (write(pfd[1], &m1, sizeof(int)) < 0) {
+				return GE_Error;
+			}
+			exit(0);
 		}
 		len = strlen( data );
-		write( pfd[1], &len, sizeof(int) );
-		write( pfd[1], data, len + 1 );
-		exit( 0 );
+		if (write(pfd[1], &len, sizeof(int)) < 0) {
+			return GE_Error;
+		}
+		if (write(pfd[1], data, len + 1) < 0) {
+			return GE_Error;
+		}
+		exit(0);
 	}
 	close( pfd[1] );
 	free( fname );
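Review bot: The three added `return GE_Error;` statements sit in what looks like a forked child (every other path in the block ends in `exit( 0 )`, and the code after it closes `pfd[1]`), so a failed write would let the child return into the caller and keep running the display manager's code as a second process. Ending the child instead, e.g. `if (write(pfd[1], &len, sizeof(int)) < 0) exit(1);`, keeps the failure contained, and the reading side would presumably see a short read or EOF on the pipe. The `< 0` test also accepts a short write, so comparing the result with the requested length would be stricter. The fork and the function boundaries are outside the hunk, so this should be confirmed against the full function.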
ce477303 2015-09-17 17:30:17 Timothy Pearson
Add initial cryptographic card login support
Tested with themed greeter and SAK disabled
A tdm/cryptocardwatcher/CMakeLists.txt
A tdm/cryptocardwatcher/main.cpp
A tdm/cryptocardwatcher/watcher.cc
A tdm/cryptocardwatcher/watcher.h
M kcheckpass/checkpass_pam.c
M kcontrol/hwmanager/devicepropsdlg.cpp
M kdesktop/lock/lockdlg.cc
M kdesktop/lock/lockdlg.h
M kdesktop/lock/lockprocess.cc
M kdesktop/lock/lockprocess.h
M kdesktop/lock/main.cc
M kdesktop/lockeng.cc
M kdesktop/lockeng.h
M tdm/CMakeLists.txt
M tdm/backend/client.c
M tdm/kfrontend/CMakeLists.txt
M tdm/kfrontend/kgapp.cpp
M tdm/kfrontend/kgreeter.cpp
M tdm/kfrontend/kgreeter.h
M tdm/kfrontend/kgverify.cpp
M tdm/kfrontend/kgverify.h
M tdm/kfrontend/themer/tdmitem.cpp
M tdm/kfrontend/themer/tdmitem.h
M tdm/kfrontend/themer/tdmlabel.h
M tdm/kfrontend/themer/tdmthemer.cpp
M tdm/kfrontend/themer/tdmthemer.h
M tdm/kfrontend/themes/circles/circles.xml
M tdm/kfrontend/themes/minimalist/minimalist.xml
M tdm/kfrontend/themes/o2_enterprise/enterprise.xml
M tdmlib/dmctl.cpp
M tdmlib/kgreet_classic.cpp
M tdmlib/kgreet_classic.h
M tdmlib/kgreet_pam.cpp
M tdmlib/kgreet_pam.h
M tdmlib/kgreet_winbind.cpp
M tdmlib/kgreet_winbind.h
M tdmlib/kgreeterplugin.h
diff --git a/kcheckpass/checkpass_pam.c b/kcheckpass/checkpass_pam.c
index 7a35eed..b11148c 100644
--- a/kcheckpass/checkpass_pam.c
+++ b/kcheckpass/checkpass_pam.c
@@ -72,8 +72,20 @@
         repl[count].resp = pd->conv(ConvGetNormal, msg[count]->msg);
         break;
       case PAM_PROMPT_ECHO_OFF:
-        repl[count].resp =
-            pd->conv(ConvGetHidden, pd->classic ? 0 : msg[count]->msg);
+        if (pd->classic) {
+          // WARNING
+          // This is far from foolproof, but it's the best we can do at this time...
+          // Try to detect PIN entry requests
+          if (strstr(msg[count]->msg, "PIN")) {
+            repl[count].resp = pd->conv(ConvGetHidden, msg[count]->msg);
+          }
+          else {
+            repl[count].resp = pd->conv(ConvGetHidden, 0);
+          }
+        }
+        else {
+          repl[count].resp = pd->conv(ConvGetHidden, msg[count]->msg);
+        }
         break;
 #ifdef PAM_BINARY_PROMPT
       case PAM_BINARY_PROMPT:
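Review bot: `strstr(msg[count]->msg, "PIN")` is a case-sensitive match on the module's prompt text, and the WARNING comment does not say what happens when it misses. A localized or differently worded PIN prompt falls back to `pd->conv(ConvGetHidden, 0)`, so the user is presumably shown the generic password prompt and may type the account password where the card expects a PIN. I would spell that out in the comment, e.g. `// Prompts not containing "PIN" (including localized ones) get the generic password prompt instead`. The new branch also passes `msg[count]->msg` to `strstr` without a null check; `if (msg[count]->msg && strstr(msg[count]->msg, "PIN"))` would be safer if a module can send an empty message.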
diff --git a/kcontrol/hwmanager/devicepropsdlg.cpp b/kcontrol/hwmanager/devicepropsdlg.cpp
index a1ef81c..9946ede 100644
--- a/kcontrol/hwmanager/devicepropsdlg.cpp
+++ b/kcontrol/hwmanager/devicepropsdlg.cpp
@@ -779,8 +779,8 @@
 		if (m_device->type() == TDEGenericDeviceType::CryptographicCard) {
 			TDECryptographicCardDevice* cdevice = static_cast<TDECryptographicCardDevice*>(m_device);
 
-			connect(cdevice, TQT_SIGNAL(cardInserted()), this, TQT_SLOT(cryptographicCardInserted()));
-			connect(cdevice, TQT_SIGNAL(cardRemoved()), this, TQT_SLOT(cryptographicCardRemoved()));
+			connect(cdevice, TQT_SIGNAL(cardInserted(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardInserted()));
+			connect(cdevice, TQT_SIGNAL(cardRemoved(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardRemoved()));
 
 			updateCryptographicCardStatusDisplay();
 		}
@@ -926,6 +926,7 @@
 			unsigned int key_slot = lvi->text(0).toUInt();
 			bool allow_card = false;
 			bool use_card = false;
+			bool luks_card_key_modified = false;
 			KSSLCertificate* card_cert = NULL;
 			X509* card_cert_x509;
 			TQString disk_uuid = sdevice->diskUUID();
@@ -988,6 +989,7 @@
 
 						// Use the secret key as the LUKS passcode
 						new_password = randomKey;
+						luks_card_key_modified = true;
 					}
 					else {
 						KMessageBox::error(this, i18n("<qt><b>Key creation failed</b><br>Please check that you have write access to /etc/trinity/luks/card and try again</qt>"), i18n("Key creation failure"));
@@ -1081,6 +1083,16 @@
 							sdevice->cryptClearOperationsUnlockPassword();
 							KMessageBox::error(this, i18n("<qt><b>Key write failed</b><br>Please check the LUKS password and try again</qt>"), i18n("Key write failure"));
 						}
+						else {
+							if (luks_card_key_modified) {
+								if (KMessageBox::warningYesNo(this, i18n("<qt><b>You have created a new card-dependent key</b><br>Card-dependent keys work in conjunction with an encrypted key file stored on the host system.<br>When a card is used to boot, card-dependent keys must be updated in the initramfs image to become usable.<p>Would you like to update the initramfs image now?</qt>"), i18n("Update Required")) == KMessageBox::Yes) {
+									// Update the initramfs
+									if (system("update-initramfs -u -k all") != 0) {
+										KMessageBox::error(this, i18n("<qt><b>Initramfs update failed</b><br>Card-dependent keys may not be available for use until the root storage device is available / unlocked</qt>"), i18n("Initramfs update failure"));
+									}
+								}
+							}
+						}
 					}
 				}
 			}
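Review bot: `system("update-initramfs -u -k all")` runs the command through the shell and resolves it via the PATH and environment inherited by the dialog, in a code path that appears to run with enough privilege to write LUKS key material. Invoking the tool by absolute path with an explicit argument list (fork/exec or the project's own process wrapper) would remove the dependence on the caller's environment. The call is also synchronous, so the dialog will likely stop responding while the initramfs is rebuilt. The enclosing function starts and ends outside the hunk.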
diff --git a/kdesktop/lock/lockdlg.cc b/kdesktop/lock/lockdlg.cc
index e75ac2b..827495c 100644
--- a/kdesktop/lock/lockdlg.cc
+++ b/kdesktop/lock/lockdlg.cc
@@ -513,7 +513,17 @@
 		case ConvGetHidden:
 			if (!GRecvArr( &arr ))
 				break;
-			greet->textPrompt( arr, false, false );
+			if (arr && (arr[0] != 0)) {
+				// Reset password entry and change text
+				greet->start();
+				greet->textPrompt( arr, false, false );
+				// Force relayout
+				setFixedSize( sizeHint().width(), sizeHint().height() + 1 );
+				setFixedSize( sizeHint() );
+			}
+			else {
+				greet->textPrompt( arr, false, false );
+			}
 			if (arr)
 				::free( arr );
 			return;
@@ -915,4 +925,14 @@
 	updateLabel();
 }
 
+void PasswordDlg::attemptCardLogin() {
+	greet->start();
+	greet->next();
+}
+
+void PasswordDlg::resetCardLogin() {
+	greet->abort();
+	greet->start();
+}
+
 #include "lockdlg.moc"
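Review bot: `attemptCardLogin()` and `resetCardLogin()` are added without any comment on when the lock process is expected to call them or what state `greet` must be in, and both dereference `greet` unconditionally. Since `attemptCardLogin()` advances the greeter with `greet->next()` without user input, a short comment on each would help, e.g. `// Restart the greeter conversation and submit it immediately (presumably on card insertion)` and `// Abort any conversation in progress and return to the initial prompt`. Whether `greet` can be null when a card event arrives is not visible here and is worth confirming.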
diff --git a/kdesktop/lock/lockdlg.h b/kdesktop/lock/lockdlg.h
index eea0931..1bcb756 100644
--- a/kdesktop/lock/lockdlg.h
+++ b/kdesktop/lock/lockdlg.h
@@ -49,6 +49,9 @@
 		virtual void gplugStart();
 		virtual void gplugActivity();
 		virtual void gplugMsgBox( TQMessageBox::Icon type, const TQString &text );
+
+		virtual void attemptCardLogin();
+		virtual void resetCardLogin();
 	
 	protected:
 		virtual void timerEvent(TQTimerEvent *);
diff --git a/kdesktop/lock/lockprocess.cc b/kdesktop/lock/lockprocess.cc
index aa95143..494852e 100644
--- a/kdesktop/lock/lockprocess.cc
+++ b/kdesktop/lock/lockprocess.cc
@@ -34,6 +34,7 @@
 #include <tdeapplication.h>
 #include <kservicegroup.h>
 #include <kdebug.h>
+#include <kuser.h>
 #include <tdemessagebox.h>
 #include <tdeglobalsettings.h>
 #include <tdelocale.h>
@@ -112,6 +113,8 @@
 #include <GL/glx.h>
 #endif
 
+#define KDESKTOP_DEBUG_ID 1204
+
 #define LOCK_GRACE_DEFAULT          5000
 #define AUTOLOGOUT_DEFAULT          600
 
@@ -146,7 +149,7 @@
 
 static void segv_handler(int)
 {
-	kdError(1204) << "A fatal exception was encountered."
+	kdError(KDESKTOP_DEBUG_ID) << "A fatal exception was encountered."
 		<< " Trapping and ignoring it so as not to compromise desktop security..."
 		<< kdBacktrace() << endl;
 	sleep(1);
@@ -272,7 +275,7 @@
 	KServiceGroup::Ptr servGroup = KServiceGroup::baseGroup( "screensavers");
 	if (servGroup) {
 		relPath=servGroup->relPath();
-		kdDebug(1204) << "relPath=" << relPath << endl;
+		kdDebug(KDESKTOP_DEBUG_ID) << "relPath=" << relPath << endl;
 	}
 	TDEGlobal::dirs()->addResourceType("scrsav",
 					TDEGlobal::dirs()->kde_default("apps") +
@@ -288,6 +291,19 @@
 		if ((*it).startsWith("method=")) {
 			mMethod = (*it).mid(7);
 		}
+	}
+
+	// Initialize SmartCard readers
+	TDEGenericDevice *hwdevice;
+	TDEHardwareDevices *hwdevices = TDEGlobal::hardwareDevices();
+	TDEGenericHardwareList cardReaderList = hwdevices->listByDeviceClass(TDEGenericDeviceType::CryptographicCard);
+	for (hwdevice = cardReaderList.first(); hwdevice; hwdevice = cardReaderList.next()) {
+		TDECryptographicCardDevice* cdevice = static_cast<TDECryptographicCardDevice*>(hwdevice);
+		// connect(cdevice, SIGNAL(pinRequested(TQString,TDECryptographicCardDevice*)), this, SLOT(cryptographicCardPinRequested(TQString,TDECryptographicCardDevice*)));
+		connect(cdevice, TQT_SIGNAL(cardInserted(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardInserted(TDECryptographicCardDevice*)));
+		connect(cdevice, TQT_SIGNAL(cardRemoved(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardRemoved(TDECryptographicCardDevice*)));
+		cdevice->enableCardMonitoring(true);
+		// cdevice->enablePINEntryCallbacks(true);
 	}
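Review bot: The two commented-out lines (the `pinRequested` connect and `cdevice->enablePINEntryCallbacks(true)`) are left in the new code with no explanation of why PIN callbacks stay disabled in the locker. Either remove them or add a one-line reason, e.g. `// PIN entry callbacks intentionally disabled here: <reason>`. `hwdevices` is also dereferenced without a check, so it is worth confirming that `TDEGlobal::hardwareDevices()` cannot return null in every build configuration. The enclosing function starts and ends outside the hunk.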
 
 #ifdef KEEP_MOUSE_UNGRABBED
@@ -781,11 +797,11 @@
 			TQStringList saverTypes = TQStringList::split(";", saverType);
 			for (uint i = 0; i < saverTypes.count(); i++) {
 				if ((saverTypes[i] == "ManipulateScreen") && !manipulatescreen) {
-					kdDebug(1204) << "Screensaver is type ManipulateScreen and ManipulateScreen is forbidden" << endl;
+					kdDebug(KDESKTOP_DEBUG_ID) << "Screensaver is type ManipulateScreen and ManipulateScreen is forbidden" << endl;
 					mForbidden = true;
 				}
 				if ((saverTypes[i] == "OpenGL") && !opengl) {
-					kdDebug(1204) << "Screensaver is type OpenGL and OpenGL is forbidden" << endl;
+					kdDebug(KDESKTOP_DEBUG_ID) << "Screensaver is type OpenGL and OpenGL is forbidden" << endl;
 					mForbidden = true;
 ** Diff limit reached (max: 250 lines) **