summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTimothy Pearson <kb9vqf@pearsoncomputing.net>2015-09-18 23:01:01 -0500
committerTimothy Pearson <kb9vqf@pearsoncomputing.net>2015-09-18 23:01:01 -0500
commit6f5e7b211009bf3a5b6816ee3cb064d7f393dfb9 (patch)
treee30e480a7524c15acd02901d3e6f0e48a9f6a12b
parent1ec002a8ee0c9165bedbcb6e273d9bacb0588e47 (diff)
downloadtdebase-6f5e7b21.tar.gz
tdebase-6f5e7b21.zip
Streamline cryptographic card logon process
-rw-r--r--kdesktop/lock/lockdlg.cc26
-rw-r--r--kdesktop/lock/lockprocess.cc13
-rw-r--r--kdesktop/lock/lockprocess.h7
-rw-r--r--tdm/kfrontend/kgreeter.cpp19
-rw-r--r--tdm/kfrontend/kgverify.cpp12
-rw-r--r--tdm/kfrontend/kgverify.h1
-rw-r--r--tdmlib/kgreet_classic.cpp45
-rw-r--r--tdmlib/kgreet_classic.h4
-rw-r--r--tdmlib/kgreet_pam.cpp35
-rw-r--r--tdmlib/kgreet_pam.h3
-rw-r--r--tdmlib/kgreet_winbind.cpp35
-rw-r--r--tdmlib/kgreet_winbind.h3
-rw-r--r--tdmlib/kgreeterplugin.h6
13 files changed, 180 insertions, 29 deletions
diff --git a/kdesktop/lock/lockdlg.cc b/kdesktop/lock/lockdlg.cc
index 59ad23f28..3ae0efaa4 100644
--- a/kdesktop/lock/lockdlg.cc
+++ b/kdesktop/lock/lockdlg.cc
@@ -276,6 +276,10 @@ void PasswordDlg::init(GreeterPluginHandle *plugin)
mLayoutButton->hide(); // no kxkb running
}
capsLocked();
+
+ if (static_cast< LockProcess* >(parent())->cryptographicCardDevice()) {
+ attemptCardLogin();
+ }
}
PasswordDlg::~PasswordDlg()
@@ -954,14 +958,32 @@ void PasswordDlg::attemptCardLogin() {
greet->setInfoMessageDisplay(false);
validUserCardInserted = true;
- greet->start();
- greet->next();
+ greet->setPasswordPrompt(i18n("PIN:"));
+
+ // Force relayout
+ setFixedSize(sizeHint().width(), sizeHint().height() + 1);
+ setFixedSize(sizeHint());
+
+ // Attempt authentication if configured
+ TDECryptographicCardDevice* cdevice = static_cast< LockProcess* >(parent())->cryptographicCardDevice();
+ if (cdevice) {
+ TQString autoPIN = cdevice->autoPIN();
+ if (autoPIN != TQString::null) {
+ greet->setPassword(autoPIN);
+ greet->next();
+ }
+ }
}
void PasswordDlg::resetCardLogin() {
validUserCardInserted = false;
greet->abort();
greet->start();
+ greet->setPasswordPrompt(TQString::null);
+
+ // Force relayout
+ setFixedSize(sizeHint().width(), sizeHint().height() + 1);
+ setFixedSize(sizeHint());
// Restore information message display settings
greet->setInfoMessageDisplay(showInfoMessages);
diff --git a/kdesktop/lock/lockprocess.cc b/kdesktop/lock/lockprocess.cc
index 494852e39..38526d644 100644
--- a/kdesktop/lock/lockprocess.cc
+++ b/kdesktop/lock/lockprocess.cc
@@ -228,6 +228,7 @@ LockProcess::LockProcess()
m_dialogPrevX(0),
m_dialogPrevY(0),
m_notifyReadyRequested(false),
+ m_loginCardDevice(NULL),
m_maskWidget(NULL),
m_saverRootWindow(0)
{
@@ -300,7 +301,7 @@ LockProcess::LockProcess()
for (hwdevice = cardReaderList.first(); hwdevice; hwdevice = cardReaderList.next()) {
TDECryptographicCardDevice* cdevice = static_cast<TDECryptographicCardDevice*>(hwdevice);
// connect(cdevice, SIGNAL(pinRequested(TQString,TDECryptographicCardDevice*)), this, SLOT(cryptographicCardPinRequested(TQString,TDECryptographicCardDevice*)));
- connect(cdevice, TQT_SIGNAL(cardInserted(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardInserted(TDECryptographicCardDevice*)));
+ connect(cdevice, TQT_SIGNAL(certificateListAvailable(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardInserted(TDECryptographicCardDevice*)));
connect(cdevice, TQT_SIGNAL(cardRemoved(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardRemoved(TDECryptographicCardDevice*)));
cdevice->enableCardMonitoring(true);
// cdevice->enablePINEntryCallbacks(true);
@@ -2846,6 +2847,7 @@ void LockProcess::cryptographicCardInserted(TDECryptographicCardDevice* cdevice)
}
// Pass login to the PAM stack...
+ m_loginCardDevice = cdevice;
if (dynamic_cast<SAKDlg*>(currentDialog)) {
dynamic_cast<SAKDlg*>(currentDialog)->closeDialogForced();
TQTimer::singleShot(0, this, SLOT(signalPassDlgToAttemptCardLogin()));
@@ -2867,17 +2869,18 @@ void LockProcess::cryptographicCardRemoved(TDECryptographicCardDevice* cdevice)
passDlg->resetCardLogin();
}
else {
+ m_loginCardDevice = NULL;
TQTimer::singleShot(0, this, SLOT(signalPassDlgToAttemptCardAbort()));
}
}
void LockProcess::signalPassDlgToAttemptCardLogin() {
PasswordDlg* passDlg = dynamic_cast<PasswordDlg*>(currentDialog);
- if (passDlg) {
+ if (passDlg && m_loginCardDevice) {
passDlg->attemptCardLogin();
}
else {
- if (currentDialog) {
+ if (currentDialog && m_loginCardDevice) {
// Try again later
TQTimer::singleShot(0, this, SLOT(signalPassDlgToAttemptCardLogin()));
}
@@ -2915,6 +2918,10 @@ void LockProcess::cryptographicCardPinRequested(TQString prompt, TDECryptographi
}
}
+TDECryptographicCardDevice* LockProcess::cryptographicCardDevice() {
+ return m_loginCardDevice;
+}
+
void LockProcess::fullyOnline() {
if (!mFullyOnlineSent) {
if (kdesktop_pid > 0) {
diff --git a/kdesktop/lock/lockprocess.h b/kdesktop/lock/lockprocess.h
index dafd2ae1c..4dc2d8bab 100644
--- a/kdesktop/lock/lockprocess.h
+++ b/kdesktop/lock/lockprocess.h
@@ -105,6 +105,8 @@ class LockProcess : public TQWidget
void msgBox( TQMessageBox::Icon type, const TQString &txt );
int execDialog( TQDialog* dlg );
+ TDECryptographicCardDevice* cryptographicCardDevice();
+
signals:
void terminateHelperThread();
@@ -232,7 +234,7 @@ class LockProcess : public TQWidget
bool mInfoMessageDisplayed;
bool mDialogControlLock;
bool mForceReject;
- TQDialog *currentDialog;
+ TQDialog *currentDialog;
TQTimer* mEnsureScreenHiddenTimer;
TQTimer* mForceContinualLockDisplayTimer;
@@ -250,7 +252,7 @@ class LockProcess : public TQWidget
bool mHackActive;
TQPixmap backingPixmap;
- KRootPixmap *m_rootPixmap;
+ KRootPixmap *m_rootPixmap;
int mBackingStartupDelayTimer;
TQPixmap mArgbTransparentBackgroundPixmap;
@@ -265,6 +267,7 @@ class LockProcess : public TQWidget
int m_dialogPrevY;
bool m_notifyReadyRequested;
+ TDECryptographicCardDevice* m_loginCardDevice;
TQWidget* m_maskWidget;
Window m_saverRootWindow;
diff --git a/tdm/kfrontend/kgreeter.cpp b/tdm/kfrontend/kgreeter.cpp
index 15b325898..e14e58491 100644
--- a/tdm/kfrontend/kgreeter.cpp
+++ b/tdm/kfrontend/kgreeter.cpp
@@ -899,9 +899,16 @@ void KGreeter::cryptographicCardInserted(TDECryptographicCardDevice* cdevice) {
// pam_pkcs11 is extremely chatty with no apparent way to disable the unwanted messages
verify->setInfoMessageDisplay(false);
- // Initiate login
+ // Set up password prompt
cardLoginUser = login_name;
- verify->accept();
+ verify->setPasswordPrompt(i18n("PIN:"));
+
+ TQString autoPIN = cdevice->autoPIN();
+ if (autoPIN != TQString::null) {
+ // Initiate login
+ verify->setPassword(autoPIN);
+ verify->accept();
+ }
}
}
}
@@ -910,6 +917,7 @@ void KGreeter::cryptographicCardRemoved(TDECryptographicCardDevice* cdevice) {
cardLoginUser = TQString::null;
verify->lockUserEntry(false);
verify->requestAbort();
+ verify->setPasswordPrompt(TQString::null);
// Restore information message display settings
verify->setInfoMessageDisplay(showInfoMessages);
@@ -1128,8 +1136,9 @@ KThemedGreeter::KThemedGreeter()
xauth_warning = themer->findNode( "xauth-warning" ); // tdm ext
pam_error = themer->findNode( "pam-error" );
timed_label = themer->findNode( "timed-label" );
- if (pam_error && pam_error->isA( "KdmLabel" ))
+ if (pam_error && pam_error->isA( "KdmLabel" )) {
static_cast<KdmLabel*>(pam_error)->setText( i18n("Login Failed.") );
+ }
KdmItem *itm;
if ((itm = themer->findNode( "pam-message" ))) // done via msgboxes
@@ -1291,6 +1300,10 @@ KThemedGreeter::updateStatus( bool fail, bool caps, int timedleft )
timed_label->hide( true );
}
}
+
+ if (cardLoginUser != TQString::null) {
+ verify->setPasswordPrompt(i18n("PIN:"));
+ }
}
void
diff --git a/tdm/kfrontend/kgverify.cpp b/tdm/kfrontend/kgverify.cpp
index cc20d54ed..6e6b685db 100644
--- a/tdm/kfrontend/kgverify.cpp
+++ b/tdm/kfrontend/kgverify.cpp
@@ -295,6 +295,18 @@ KGVerify::setInfoMessageDisplay(bool on)
}
void
+KGVerify::setPasswordPrompt(const TQString &prompt)
+{
+ greet->setPasswordPrompt(prompt);
+ if (prompt != TQString::null) {
+ setPassPromptText(prompt, false);
+ }
+ else {
+ setPassPromptText(TQString::null, true);
+ }
+}
+
+void
KGVerify::start()
{
authTok = (func == KGreeterPlugin::ChAuthTok);
diff --git a/tdm/kfrontend/kgverify.h b/tdm/kfrontend/kgverify.h
index 278cc0dd3..2ab3ff37b 100644
--- a/tdm/kfrontend/kgverify.h
+++ b/tdm/kfrontend/kgverify.h
@@ -103,6 +103,7 @@ class KGVerify : public TQObject, public KGreeterPluginHandler {
void lockUserEntry( const bool lock );
void setPassword( const TQString &pass );
void setInfoMessageDisplay( bool on );
+ void setPasswordPrompt(const TQString &prompt);
/* virtual */ void selectPlugin( int id );
bool entitiesLocal() const;
bool entitiesFielded() const;
diff --git a/tdmlib/kgreet_classic.cpp b/tdmlib/kgreet_classic.cpp
index 7eb983583..f99acfb3c 100644
--- a/tdmlib/kgreet_classic.cpp
+++ b/tdmlib/kgreet_classic.cpp
@@ -67,6 +67,7 @@ KClassicGreeter::KClassicGreeter( KGreeterPluginHandler *_handler,
exp( -1 ),
pExp( -1 ),
running( false ),
+ userEntryLocked(false),
suppressInfoMsg(false)
{
KdmItem *user_entry = 0, *pw_entry = 0;
@@ -224,6 +225,7 @@ KClassicGreeter::setUser( const TQString &user )
}
void KClassicGreeter::lockUserEntry( const bool lock ) {
+ userEntryLocked = lock;
loginEdit->setEnabled(!lock);
}
@@ -251,6 +253,23 @@ void KClassicGreeter::setInfoMessageDisplay(bool enable) {
suppressInfoMsg = !enable;
}
+void KClassicGreeter::setPasswordPrompt(const TQString &prompt) {
+ if (passwdLabel) {
+ passwdPromptCustomString = prompt;
+
+ if (prompt != TQString::null) {
+ passwdLabel->setText(prompt);
+ }
+ else {
+ passwdLabel->setText(passwordPrompt());
+ }
+ if (grid) {
+ grid->invalidate();
+ grid->activate();
+ }
+ }
+}
+
void // private
KClassicGreeter::returnData()
{
@@ -311,7 +330,9 @@ KClassicGreeter::textPrompt( const char *prompt, bool echo, bool nonBlocking )
passwdLabel->setText(prompt);
}
else {
- passwdLabel->setText(passwordPrompt());
+ if (passwdPromptCustomString == TQString::null) {
+ passwdLabel->setText(passwordPrompt());
+ }
}
if (grid) {
grid->invalidate();
@@ -349,8 +370,9 @@ KClassicGreeter::textPrompt( const char *prompt, bool echo, bool nonBlocking )
has = -1;
}
- if (has >= exp || nonBlocking)
+ if (has >= exp || nonBlocking) {
returnData();
+ }
}
bool // virtual
@@ -432,7 +454,7 @@ KClassicGreeter::succeeded()
void // virtual
KClassicGreeter::failed()
{
- if (passwdLabel) {
+ if (passwdLabel && (passwdPromptCustomString == TQString::null)) {
// reset password prompt
passwdLabel->setText(passwordPrompt());
if (grid) {
@@ -451,7 +473,7 @@ KClassicGreeter::failed()
void // virtual
KClassicGreeter::revive()
{
- if (passwdLabel) {
+ if (passwdLabel && (passwdPromptCustomString == TQString::null)) {
// reset password prompt
passwdLabel->setText(passwordPrompt());
if (grid) {
@@ -483,7 +505,7 @@ KClassicGreeter::revive()
void // virtual
KClassicGreeter::clear()
{
- if (passwdLabel) {
+ if (passwdLabel && (passwdPromptCustomString == TQString::null)) {
// reset password prompt
passwdLabel->setText(passwordPrompt());
if (grid) {
@@ -508,10 +530,17 @@ KClassicGreeter::clear()
void
KClassicGreeter::setActive( bool enable )
{
- if (loginEdit)
- loginEdit->setEnabled( enable );
- if (passwdEdit)
+ if (loginEdit) {
+ if (userEntryLocked) {
+ loginEdit->setEnabled( false );
+ }
+ else {
+ loginEdit->setEnabled( enable );
+ }
+ }
+ if (passwdEdit) {
passwdEdit->setEnabled( enable );
+ }
}
void
diff --git a/tdmlib/kgreet_classic.h b/tdmlib/kgreet_classic.h
index 4f023db02..3f36d5000 100644
--- a/tdmlib/kgreet_classic.h
+++ b/tdmlib/kgreet_classic.h
@@ -52,6 +52,7 @@ class KClassicGreeter : public TQObject, public KGreeterPlugin {
virtual void setUser( const TQString &user );
virtual void lockUserEntry( const bool lock );
virtual void setPassword( const TQString &pass );
+ virtual void setPasswordPrompt( const TQString &prompt );
virtual void setEnabled( bool on );
virtual void setInfoMessageDisplay( bool on );
virtual bool textMessage( const char *message, bool error );
@@ -86,7 +87,8 @@ class KClassicGreeter : public TQObject, public KGreeterPlugin {
Context ctx;
TQGridLayout* grid;
int exp, pExp, has;
- bool running, authTok, suppressInfoMsg;
+ bool running, authTok, userEntryLocked, suppressInfoMsg;
+ TQString passwdPromptCustomString;
};
#endif /* KGREET_CLASSIC_H */
diff --git a/tdmlib/kgreet_pam.cpp b/tdmlib/kgreet_pam.cpp
index 7fcfafc8b..2aea2ae04 100644
--- a/tdmlib/kgreet_pam.cpp
+++ b/tdmlib/kgreet_pam.cpp
@@ -89,6 +89,7 @@ KPamGreeter::KPamGreeter( KGreeterPluginHandler *_handler,
exp( -1 ),
pExp( -1 ),
running( false ),
+ userEntryLocked(false),
suppressInfoMsg(false)
{
ctx = Login;
@@ -265,6 +266,7 @@ KPamGreeter::setUser( const TQString &user )
}
void KPamGreeter::lockUserEntry( const bool lock ) {
+ userEntryLocked = lock;
loginEdit->setEnabled(!lock);
}
@@ -284,14 +286,32 @@ KPamGreeter::setEnabled(bool enable)
// loginLabel->setEnabled( enable );
authEdit[0]->setEnabled( enable );
setActive( enable );
- if (enable)
+ if (enable) {
authEdit[0]->setFocus();
+ }
}
void KPamGreeter::setInfoMessageDisplay(bool enable) {
suppressInfoMsg = !enable;
}
+void KPamGreeter::setPasswordPrompt(const TQString &prompt) {
+#if 0
+ if (passwdLabel) {
+ if (prompt != TQString::null) {
+ passwdLabel->setText(prompt);
+ }
+ else {
+ passwdLabel->setText(passwordPrompt());
+ }
+ if (grid) {
+ grid->invalidate();
+ grid->activate();
+ }
+ }
+#endif
+}
+
void // private
KPamGreeter::returnData()
{
@@ -349,8 +369,9 @@ KPamGreeter::textPrompt( const char *prompt, bool echo, bool nonBlocking )
kg_debug("state is %d, authEdit.size is %d\n", state, authEdit.size());
if (state == 0 && echo) {
- if (loginLabel)
+ if (loginLabel) {
loginLabel->setText(TQString::fromUtf8(prompt));
+ }
else if (m_themer) {
KdmLabel *tdmlabel = static_cast<KdmLabel*>(m_themer->findNode("user-label"));
if (tdmlabel) {
@@ -612,8 +633,14 @@ KPamGreeter::clear()
void
KPamGreeter::setActive( bool enable )
{
- if (loginEdit)
- loginEdit->setEnabled( enable );
+ if (loginEdit) {
+ if (userEntryLocked) {
+ loginEdit->setEnabled( false );
+ }
+ else {
+ loginEdit->setEnabled( enable );
+ }
+ }
}
void
diff --git a/tdmlib/kgreet_pam.h b/tdmlib/kgreet_pam.h
index 79e92b33a..f579f9522 100644
--- a/tdmlib/kgreet_pam.h
+++ b/tdmlib/kgreet_pam.h
@@ -52,6 +52,7 @@ class KPamGreeter : public TQObject, public KGreeterPlugin {
virtual void setUser( const TQString &user );
virtual void lockUserEntry( const bool lock );
virtual void setPassword( const TQString &pass );
+ virtual void setPasswordPrompt( const TQString &prompt );
virtual void setEnabled( bool on );
virtual void setInfoMessageDisplay( bool on );
virtual bool textMessage( const char *message, bool error );
@@ -90,7 +91,7 @@ class KPamGreeter : public TQObject, public KGreeterPlugin {
Context ctx;
int exp, pExp, has;
unsigned state;
- bool running, authTok, suppressInfoMsg;
+ bool running, authTok, userEntryLocked, suppressInfoMsg;
};
#endif /* KGREET_CLASSIC_H */
diff --git a/tdmlib/kgreet_winbind.cpp b/tdmlib/kgreet_winbind.cpp
index 1efd170ba..cddb2866b 100644
--- a/tdmlib/kgreet_winbind.cpp
+++ b/tdmlib/kgreet_winbind.cpp
@@ -75,6 +75,7 @@ KWinbindGreeter::KWinbindGreeter( KGreeterPluginHandler *_handler,
exp( -1 ),
pExp( -1 ),
running( false ),
+ userEntryLocked(false),
suppressInfoMsg(false)
{
KdmItem *user_entry = 0, *pw_entry = 0, *domain_entry = 0;
@@ -299,6 +300,7 @@ KWinbindGreeter::setUser( const TQString &user )
}
void KWinbindGreeter::lockUserEntry( const bool lock ) {
+ userEntryLocked = lock;
loginEdit->setEnabled(!lock);
}
@@ -328,6 +330,23 @@ void KWinbindGreeter::setInfoMessageDisplay(bool enable) {
suppressInfoMsg = !enable;
}
+void KWinbindGreeter::setPasswordPrompt(const TQString &prompt) {
+#if 0
+ if (passwdLabel) {
+ if (prompt != TQString::null) {
+ passwdLabel->setText(prompt);
+ }
+ else {
+ passwdLabel->setText(passwordPrompt());
+ }
+ if (grid) {
+ grid->invalidate();
+ grid->activate();
+ }
+ }
+#endif
+}
+
void // private
KWinbindGreeter::returnData()
{
@@ -537,12 +556,20 @@ KWinbindGreeter::clear()
void
KWinbindGreeter::setActive( bool enable )
{
- if (domainCombo)
+ if (domainCombo) {
domainCombo->setEnabled( enable );
- if (loginEdit)
- loginEdit->setEnabled( enable );
- if (passwdEdit)
+ }
+ if (loginEdit) {
+ if (userEntryLocked) {
+ loginEdit->setEnabled( false );
+ }
+ else {
+ loginEdit->setEnabled( enable );
+ }
+ }
+ if (passwdEdit) {
passwdEdit->setEnabled( enable );
+ }
}
void
diff --git a/tdmlib/kgreet_winbind.h b/tdmlib/kgreet_winbind.h
index e21fce35b..85565628e 100644
--- a/tdmlib/kgreet_winbind.h
+++ b/tdmlib/kgreet_winbind.h
@@ -56,6 +56,7 @@ class KWinbindGreeter : public TQObject, public KGreeterPlugin {
virtual void setUser( const TQString &user );
virtual void lockUserEntry( const bool lock );
virtual void setPassword( const TQString &pass );
+ virtual void setPasswordPrompt( const TQString &prompt );
virtual void setEnabled( bool on );
virtual void setInfoMessageDisplay( bool on );
virtual bool textMessage( const char *message, bool error );
@@ -97,7 +98,7 @@ class KWinbindGreeter : public TQObject, public KGreeterPlugin {
Function func;
Context ctx;
int exp, pExp, has;
- bool running, authTok, suppressInfoMsg;
+ bool running, authTok, userEntryLocked, suppressInfoMsg;
};
#endif /* KGREET_WINBIND_H */
diff --git a/tdmlib/kgreeterplugin.h b/tdmlib/kgreeterplugin.h
index 029da236c..1dcd0233b 100644
--- a/tdmlib/kgreeterplugin.h
+++ b/tdmlib/kgreeterplugin.h
@@ -164,6 +164,12 @@ public:
virtual void setPassword( const TQString &pass ) = 0;
/**
+ * Set the talker's password prompt to a custom string
+ * @param prompt the password prompt to set, or TQString::null for default
+ */
+ virtual void setPasswordPrompt( const TQString &prompt ) = 0;
+
+ /**
* En-/disable any widgets contained in the talker.
* Will be called only when not running.
* @param on the state to set