diff options
author | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2015-09-18 23:01:01 -0500 |
---|---|---|
committer | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2015-09-18 23:01:01 -0500 |
commit | 6f5e7b211009bf3a5b6816ee3cb064d7f393dfb9 (patch) | |
tree | e30e480a7524c15acd02901d3e6f0e48a9f6a12b | |
parent | 1ec002a8ee0c9165bedbcb6e273d9bacb0588e47 (diff) | |
download | tdebase-6f5e7b211009bf3a5b6816ee3cb064d7f393dfb9.tar.gz tdebase-6f5e7b211009bf3a5b6816ee3cb064d7f393dfb9.zip |
Streamline cryptographic card logon process
-rw-r--r-- | kdesktop/lock/lockdlg.cc | 26 | ||||
-rw-r--r-- | kdesktop/lock/lockprocess.cc | 13 | ||||
-rw-r--r-- | kdesktop/lock/lockprocess.h | 7 | ||||
-rw-r--r-- | tdm/kfrontend/kgreeter.cpp | 19 | ||||
-rw-r--r-- | tdm/kfrontend/kgverify.cpp | 12 | ||||
-rw-r--r-- | tdm/kfrontend/kgverify.h | 1 | ||||
-rw-r--r-- | tdmlib/kgreet_classic.cpp | 45 | ||||
-rw-r--r-- | tdmlib/kgreet_classic.h | 4 | ||||
-rw-r--r-- | tdmlib/kgreet_pam.cpp | 35 | ||||
-rw-r--r-- | tdmlib/kgreet_pam.h | 3 | ||||
-rw-r--r-- | tdmlib/kgreet_winbind.cpp | 35 | ||||
-rw-r--r-- | tdmlib/kgreet_winbind.h | 3 | ||||
-rw-r--r-- | tdmlib/kgreeterplugin.h | 6 |
13 files changed, 180 insertions, 29 deletions
diff --git a/kdesktop/lock/lockdlg.cc b/kdesktop/lock/lockdlg.cc index 59ad23f28..3ae0efaa4 100644 --- a/kdesktop/lock/lockdlg.cc +++ b/kdesktop/lock/lockdlg.cc @@ -276,6 +276,10 @@ void PasswordDlg::init(GreeterPluginHandle *plugin) mLayoutButton->hide(); // no kxkb running } capsLocked(); + + if (static_cast< LockProcess* >(parent())->cryptographicCardDevice()) { + attemptCardLogin(); + } } PasswordDlg::~PasswordDlg() @@ -954,14 +958,32 @@ void PasswordDlg::attemptCardLogin() { greet->setInfoMessageDisplay(false); validUserCardInserted = true; - greet->start(); - greet->next(); + greet->setPasswordPrompt(i18n("PIN:")); + + // Force relayout + setFixedSize(sizeHint().width(), sizeHint().height() + 1); + setFixedSize(sizeHint()); + + // Attempt authentication if configured + TDECryptographicCardDevice* cdevice = static_cast< LockProcess* >(parent())->cryptographicCardDevice(); + if (cdevice) { + TQString autoPIN = cdevice->autoPIN(); + if (autoPIN != TQString::null) { + greet->setPassword(autoPIN); + greet->next(); + } + } } void PasswordDlg::resetCardLogin() { validUserCardInserted = false; greet->abort(); greet->start(); + greet->setPasswordPrompt(TQString::null); + + // Force relayout + setFixedSize(sizeHint().width(), sizeHint().height() + 1); + setFixedSize(sizeHint()); // Restore information message display settings greet->setInfoMessageDisplay(showInfoMessages); diff --git a/kdesktop/lock/lockprocess.cc b/kdesktop/lock/lockprocess.cc index 494852e39..38526d644 100644 --- a/kdesktop/lock/lockprocess.cc +++ b/kdesktop/lock/lockprocess.cc @@ -228,6 +228,7 @@ LockProcess::LockProcess() m_dialogPrevX(0), m_dialogPrevY(0), m_notifyReadyRequested(false), + m_loginCardDevice(NULL), m_maskWidget(NULL), m_saverRootWindow(0) { @@ -300,7 +301,7 @@ LockProcess::LockProcess() for (hwdevice = cardReaderList.first(); hwdevice; hwdevice = cardReaderList.next()) { TDECryptographicCardDevice* cdevice = static_cast<TDECryptographicCardDevice*>(hwdevice); // connect(cdevice, SIGNAL(pinRequested(TQString,TDECryptographicCardDevice*)), this, SLOT(cryptographicCardPinRequested(TQString,TDECryptographicCardDevice*))); - connect(cdevice, TQT_SIGNAL(cardInserted(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardInserted(TDECryptographicCardDevice*))); + connect(cdevice, TQT_SIGNAL(certificateListAvailable(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardInserted(TDECryptographicCardDevice*))); connect(cdevice, TQT_SIGNAL(cardRemoved(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardRemoved(TDECryptographicCardDevice*))); cdevice->enableCardMonitoring(true); // cdevice->enablePINEntryCallbacks(true); @@ -2846,6 +2847,7 @@ void LockProcess::cryptographicCardInserted(TDECryptographicCardDevice* cdevice) } // Pass login to the PAM stack... + m_loginCardDevice = cdevice; if (dynamic_cast<SAKDlg*>(currentDialog)) { dynamic_cast<SAKDlg*>(currentDialog)->closeDialogForced(); TQTimer::singleShot(0, this, SLOT(signalPassDlgToAttemptCardLogin())); @@ -2867,17 +2869,18 @@ void LockProcess::cryptographicCardRemoved(TDECryptographicCardDevice* cdevice) passDlg->resetCardLogin(); } else { + m_loginCardDevice = NULL; TQTimer::singleShot(0, this, SLOT(signalPassDlgToAttemptCardAbort())); } } void LockProcess::signalPassDlgToAttemptCardLogin() { PasswordDlg* passDlg = dynamic_cast<PasswordDlg*>(currentDialog); - if (passDlg) { + if (passDlg && m_loginCardDevice) { passDlg->attemptCardLogin(); } else { - if (currentDialog) { + if (currentDialog && m_loginCardDevice) { // Try again later TQTimer::singleShot(0, this, SLOT(signalPassDlgToAttemptCardLogin())); } @@ -2915,6 +2918,10 @@ void LockProcess::cryptographicCardPinRequested(TQString prompt, TDECryptographi } } +TDECryptographicCardDevice* LockProcess::cryptographicCardDevice() { + return m_loginCardDevice; +} + void LockProcess::fullyOnline() { if (!mFullyOnlineSent) { if (kdesktop_pid > 0) { diff --git a/kdesktop/lock/lockprocess.h b/kdesktop/lock/lockprocess.h index dafd2ae1c..4dc2d8bab 100644 --- a/kdesktop/lock/lockprocess.h +++ b/kdesktop/lock/lockprocess.h @@ -105,6 +105,8 @@ class LockProcess : public TQWidget void msgBox( TQMessageBox::Icon type, const TQString &txt ); int execDialog( TQDialog* dlg ); + TDECryptographicCardDevice* cryptographicCardDevice(); + signals: void terminateHelperThread(); @@ -232,7 +234,7 @@ class LockProcess : public TQWidget bool mInfoMessageDisplayed; bool mDialogControlLock; bool mForceReject; - TQDialog *currentDialog; + TQDialog *currentDialog; TQTimer* mEnsureScreenHiddenTimer; TQTimer* mForceContinualLockDisplayTimer; @@ -250,7 +252,7 @@ class LockProcess : public TQWidget bool mHackActive; TQPixmap backingPixmap; - KRootPixmap *m_rootPixmap; + KRootPixmap *m_rootPixmap; int mBackingStartupDelayTimer; TQPixmap mArgbTransparentBackgroundPixmap; @@ -265,6 +267,7 @@ class LockProcess : public TQWidget int m_dialogPrevY; bool m_notifyReadyRequested; + TDECryptographicCardDevice* m_loginCardDevice; TQWidget* m_maskWidget; Window m_saverRootWindow; diff --git a/tdm/kfrontend/kgreeter.cpp b/tdm/kfrontend/kgreeter.cpp index 15b325898..e14e58491 100644 --- a/tdm/kfrontend/kgreeter.cpp +++ b/tdm/kfrontend/kgreeter.cpp @@ -899,9 +899,16 @@ void KGreeter::cryptographicCardInserted(TDECryptographicCardDevice* cdevice) { // pam_pkcs11 is extremely chatty with no apparent way to disable the unwanted messages verify->setInfoMessageDisplay(false); - // Initiate login + // Set up password prompt cardLoginUser = login_name; - verify->accept(); + verify->setPasswordPrompt(i18n("PIN:")); + + TQString autoPIN = cdevice->autoPIN(); + if (autoPIN != TQString::null) { + // Initiate login + verify->setPassword(autoPIN); + verify->accept(); + } } } } @@ -910,6 +917,7 @@ void KGreeter::cryptographicCardRemoved(TDECryptographicCardDevice* cdevice) { cardLoginUser = TQString::null; verify->lockUserEntry(false); verify->requestAbort(); + verify->setPasswordPrompt(TQString::null); // Restore information message display settings verify->setInfoMessageDisplay(showInfoMessages); @@ -1128,8 +1136,9 @@ KThemedGreeter::KThemedGreeter() xauth_warning = themer->findNode( "xauth-warning" ); // tdm ext pam_error = themer->findNode( "pam-error" ); timed_label = themer->findNode( "timed-label" ); - if (pam_error && pam_error->isA( "KdmLabel" )) + if (pam_error && pam_error->isA( "KdmLabel" )) { static_cast<KdmLabel*>(pam_error)->setText( i18n("Login Failed.") ); + } KdmItem *itm; if ((itm = themer->findNode( "pam-message" ))) // done via msgboxes @@ -1291,6 +1300,10 @@ KThemedGreeter::updateStatus( bool fail, bool caps, int timedleft ) timed_label->hide( true ); } } + + if (cardLoginUser != TQString::null) { + verify->setPasswordPrompt(i18n("PIN:")); + } } void diff --git a/tdm/kfrontend/kgverify.cpp b/tdm/kfrontend/kgverify.cpp index cc20d54ed..6e6b685db 100644 --- a/tdm/kfrontend/kgverify.cpp +++ b/tdm/kfrontend/kgverify.cpp @@ -295,6 +295,18 @@ KGVerify::setInfoMessageDisplay(bool on) } void +KGVerify::setPasswordPrompt(const TQString &prompt) +{ + greet->setPasswordPrompt(prompt); + if (prompt != TQString::null) { + setPassPromptText(prompt, false); + } + else { + setPassPromptText(TQString::null, true); + } +} + +void KGVerify::start() { authTok = (func == KGreeterPlugin::ChAuthTok); diff --git a/tdm/kfrontend/kgverify.h b/tdm/kfrontend/kgverify.h index 278cc0dd3..2ab3ff37b 100644 --- a/tdm/kfrontend/kgverify.h +++ b/tdm/kfrontend/kgverify.h @@ -103,6 +103,7 @@ class KGVerify : public TQObject, public KGreeterPluginHandler { void lockUserEntry( const bool lock ); void setPassword( const TQString &pass ); void setInfoMessageDisplay( bool on ); + void setPasswordPrompt(const TQString &prompt); /* virtual */ void selectPlugin( int id ); bool entitiesLocal() const; bool entitiesFielded() const; diff --git a/tdmlib/kgreet_classic.cpp b/tdmlib/kgreet_classic.cpp index 7eb983583..f99acfb3c 100644 --- a/tdmlib/kgreet_classic.cpp +++ b/tdmlib/kgreet_classic.cpp @@ -67,6 +67,7 @@ KClassicGreeter::KClassicGreeter( KGreeterPluginHandler *_handler, exp( -1 ), pExp( -1 ), running( false ), + userEntryLocked(false), suppressInfoMsg(false) { KdmItem *user_entry = 0, *pw_entry = 0; @@ -224,6 +225,7 @@ KClassicGreeter::setUser( const TQString &user ) } void KClassicGreeter::lockUserEntry( const bool lock ) { + userEntryLocked = lock; loginEdit->setEnabled(!lock); } @@ -251,6 +253,23 @@ void KClassicGreeter::setInfoMessageDisplay(bool enable) { suppressInfoMsg = !enable; } +void KClassicGreeter::setPasswordPrompt(const TQString &prompt) { + if (passwdLabel) { + passwdPromptCustomString = prompt; + + if (prompt != TQString::null) { + passwdLabel->setText(prompt); + } + else { + passwdLabel->setText(passwordPrompt()); + } + if (grid) { + grid->invalidate(); + grid->activate(); + } + } +} + void // private KClassicGreeter::returnData() { @@ -311,7 +330,9 @@ KClassicGreeter::textPrompt( const char *prompt, bool echo, bool nonBlocking ) passwdLabel->setText(prompt); } else { - passwdLabel->setText(passwordPrompt()); + if (passwdPromptCustomString == TQString::null) { + passwdLabel->setText(passwordPrompt()); + } } if (grid) { grid->invalidate(); @@ -349,8 +370,9 @@ KClassicGreeter::textPrompt( const char *prompt, bool echo, bool nonBlocking ) has = -1; } - if (has >= exp || nonBlocking) + if (has >= exp || nonBlocking) { returnData(); + } } bool // virtual @@ -432,7 +454,7 @@ KClassicGreeter::succeeded() void // virtual KClassicGreeter::failed() { - if (passwdLabel) { + if (passwdLabel && (passwdPromptCustomString == TQString::null)) { // reset password prompt passwdLabel->setText(passwordPrompt()); if (grid) { @@ -451,7 +473,7 @@ KClassicGreeter::failed() void // virtual KClassicGreeter::revive() { - if (passwdLabel) { + if (passwdLabel && (passwdPromptCustomString == TQString::null)) { // reset password prompt passwdLabel->setText(passwordPrompt()); if (grid) { @@ -483,7 +505,7 @@ KClassicGreeter::revive() void // virtual KClassicGreeter::clear() { - if (passwdLabel) { + if (passwdLabel && (passwdPromptCustomString == TQString::null)) { // reset password prompt passwdLabel->setText(passwordPrompt()); if (grid) { @@ -508,10 +530,17 @@ KClassicGreeter::clear() void KClassicGreeter::setActive( bool enable ) { - if (loginEdit) - loginEdit->setEnabled( enable ); - if (passwdEdit) + if (loginEdit) { + if (userEntryLocked) { + loginEdit->setEnabled( false ); + } + else { + loginEdit->setEnabled( enable ); + } + } + if (passwdEdit) { passwdEdit->setEnabled( enable ); + } } void diff --git a/tdmlib/kgreet_classic.h b/tdmlib/kgreet_classic.h index 4f023db02..3f36d5000 100644 --- a/tdmlib/kgreet_classic.h +++ b/tdmlib/kgreet_classic.h @@ -52,6 +52,7 @@ class KClassicGreeter : public TQObject, public KGreeterPlugin { virtual void setUser( const TQString &user ); virtual void lockUserEntry( const bool lock ); virtual void setPassword( const TQString &pass ); + virtual void setPasswordPrompt( const TQString &prompt ); virtual void setEnabled( bool on ); virtual void setInfoMessageDisplay( bool on ); virtual bool textMessage( const char *message, bool error ); @@ -86,7 +87,8 @@ class KClassicGreeter : public TQObject, public KGreeterPlugin { Context ctx; TQGridLayout* grid; int exp, pExp, has; - bool running, authTok, suppressInfoMsg; + bool running, authTok, userEntryLocked, suppressInfoMsg; + TQString passwdPromptCustomString; }; #endif /* KGREET_CLASSIC_H */ diff --git a/tdmlib/kgreet_pam.cpp b/tdmlib/kgreet_pam.cpp index 7fcfafc8b..2aea2ae04 100644 --- a/tdmlib/kgreet_pam.cpp +++ b/tdmlib/kgreet_pam.cpp @@ -89,6 +89,7 @@ KPamGreeter::KPamGreeter( KGreeterPluginHandler *_handler, exp( -1 ), pExp( -1 ), running( false ), + userEntryLocked(false), suppressInfoMsg(false) { ctx = Login; @@ -265,6 +266,7 @@ KPamGreeter::setUser( const TQString &user ) } void KPamGreeter::lockUserEntry( const bool lock ) { + userEntryLocked = lock; loginEdit->setEnabled(!lock); } @@ -284,14 +286,32 @@ KPamGreeter::setEnabled(bool enable) // loginLabel->setEnabled( enable ); authEdit[0]->setEnabled( enable ); setActive( enable ); - if (enable) + if (enable) { authEdit[0]->setFocus(); + } } void KPamGreeter::setInfoMessageDisplay(bool enable) { suppressInfoMsg = !enable; } +void KPamGreeter::setPasswordPrompt(const TQString &prompt) { +#if 0 + if (passwdLabel) { + if (prompt != TQString::null) { + passwdLabel->setText(prompt); + } + else { + passwdLabel->setText(passwordPrompt()); + } + if (grid) { + grid->invalidate(); + grid->activate(); + } + } +#endif +} + void // private KPamGreeter::returnData() { @@ -349,8 +369,9 @@ KPamGreeter::textPrompt( const char *prompt, bool echo, bool nonBlocking ) kg_debug("state is %d, authEdit.size is %d\n", state, authEdit.size()); if (state == 0 && echo) { - if (loginLabel) + if (loginLabel) { loginLabel->setText(TQString::fromUtf8(prompt)); + } else if (m_themer) { KdmLabel *tdmlabel = static_cast<KdmLabel*>(m_themer->findNode("user-label")); if (tdmlabel) { @@ -612,8 +633,14 @@ KPamGreeter::clear() void KPamGreeter::setActive( bool enable ) { - if (loginEdit) - loginEdit->setEnabled( enable ); + if (loginEdit) { + if (userEntryLocked) { + loginEdit->setEnabled( false ); + } + else { + loginEdit->setEnabled( enable ); + } + } } void diff --git a/tdmlib/kgreet_pam.h b/tdmlib/kgreet_pam.h index 79e92b33a..f579f9522 100644 --- a/tdmlib/kgreet_pam.h +++ b/tdmlib/kgreet_pam.h @@ -52,6 +52,7 @@ class KPamGreeter : public TQObject, public KGreeterPlugin { virtual void setUser( const TQString &user ); virtual void lockUserEntry( const bool lock ); virtual void setPassword( const TQString &pass ); + virtual void setPasswordPrompt( const TQString &prompt ); virtual void setEnabled( bool on ); virtual void setInfoMessageDisplay( bool on ); virtual bool textMessage( const char *message, bool error ); @@ -90,7 +91,7 @@ class KPamGreeter : public TQObject, public KGreeterPlugin { Context ctx; int exp, pExp, has; unsigned state; - bool running, authTok, suppressInfoMsg; + bool running, authTok, userEntryLocked, suppressInfoMsg; }; #endif /* KGREET_CLASSIC_H */ diff --git a/tdmlib/kgreet_winbind.cpp b/tdmlib/kgreet_winbind.cpp index 1efd170ba..cddb2866b 100644 --- a/tdmlib/kgreet_winbind.cpp +++ b/tdmlib/kgreet_winbind.cpp @@ -75,6 +75,7 @@ KWinbindGreeter::KWinbindGreeter( KGreeterPluginHandler *_handler, exp( -1 ), pExp( -1 ), running( false ), + userEntryLocked(false), suppressInfoMsg(false) { KdmItem *user_entry = 0, *pw_entry = 0, *domain_entry = 0; @@ -299,6 +300,7 @@ KWinbindGreeter::setUser( const TQString &user ) } void KWinbindGreeter::lockUserEntry( const bool lock ) { + userEntryLocked = lock; loginEdit->setEnabled(!lock); } @@ -328,6 +330,23 @@ void KWinbindGreeter::setInfoMessageDisplay(bool enable) { suppressInfoMsg = !enable; } +void KWinbindGreeter::setPasswordPrompt(const TQString &prompt) { +#if 0 + if (passwdLabel) { + if (prompt != TQString::null) { + passwdLabel->setText(prompt); + } + else { + passwdLabel->setText(passwordPrompt()); + } + if (grid) { + grid->invalidate(); + grid->activate(); + } + } +#endif +} + void // private KWinbindGreeter::returnData() { @@ -537,12 +556,20 @@ KWinbindGreeter::clear() void KWinbindGreeter::setActive( bool enable ) { - if (domainCombo) + if (domainCombo) { domainCombo->setEnabled( enable ); - if (loginEdit) - loginEdit->setEnabled( enable ); - if (passwdEdit) + } + if (loginEdit) { + if (userEntryLocked) { + loginEdit->setEnabled( false ); + } + else { + loginEdit->setEnabled( enable ); + } + } + if (passwdEdit) { passwdEdit->setEnabled( enable ); + } } void diff --git a/tdmlib/kgreet_winbind.h b/tdmlib/kgreet_winbind.h index e21fce35b..85565628e 100644 --- a/tdmlib/kgreet_winbind.h +++ b/tdmlib/kgreet_winbind.h @@ -56,6 +56,7 @@ class KWinbindGreeter : public TQObject, public KGreeterPlugin { virtual void setUser( const TQString &user ); virtual void lockUserEntry( const bool lock ); virtual void setPassword( const TQString &pass ); + virtual void setPasswordPrompt( const TQString &prompt ); virtual void setEnabled( bool on ); virtual void setInfoMessageDisplay( bool on ); virtual bool textMessage( const char *message, bool error ); @@ -97,7 +98,7 @@ class KWinbindGreeter : public TQObject, public KGreeterPlugin { Function func; Context ctx; int exp, pExp, has; - bool running, authTok, suppressInfoMsg; + bool running, authTok, userEntryLocked, suppressInfoMsg; }; #endif /* KGREET_WINBIND_H */ diff --git a/tdmlib/kgreeterplugin.h b/tdmlib/kgreeterplugin.h index 029da236c..1dcd0233b 100644 --- a/tdmlib/kgreeterplugin.h +++ b/tdmlib/kgreeterplugin.h @@ -164,6 +164,12 @@ public: virtual void setPassword( const TQString &pass ) = 0; /** + * Set the talker's password prompt to a custom string + * @param prompt the password prompt to set, or TQString::null for default + */ + virtual void setPasswordPrompt( const TQString &prompt ) = 0; + + /** * En-/disable any widgets contained in the talker. * Will be called only when not running. * @param on the state to set |