krb5-auth-dialog r139 - in trunk: . src
- From: guidog svn gnome org
- To: svn-commits-list gnome org
- Subject: krb5-auth-dialog r139 - in trunk: . src
- Date: Sat, 4 Apr 2009 09:29:48 +0000 (UTC)
Author: guidog
Date: Sat Apr 4 09:29:48 2009
New Revision: 139
URL: http://svn.gnome.org/viewvc/krb5-auth-dialog?rev=139&view=rev
Log:
allow to set ticket flags via gconf
proxiable, renewable and forwardable are supported.
Modified:
trunk/ChangeLog
trunk/src/krb5-auth-applet.c
trunk/src/krb5-auth-dialog.c
trunk/src/krb5-auth-dialog.schemas.in
trunk/src/krb5-auth-gconf-tools.h
trunk/src/krb5-auth-gconf.c
Modified: trunk/src/krb5-auth-applet.c
==============================================================================
--- trunk/src/krb5-auth-applet.c (original)
+++ trunk/src/krb5-auth-applet.c Sat Apr 4 09:29:48 2009
@@ -43,6 +43,9 @@
KA_PROP_PK_USERID,
KA_PROP_TRAYICON,
KA_PROP_PW_PROMPT_MINS,
+ KA_PROP_TGT_FORWARDABLE,
+ KA_PROP_TGT_PROXIABLE,
+ KA_PROP_TGT_RENEWABLE,
};
struct _KaApplet {
@@ -73,6 +76,9 @@
char* principal; /* the principal to request */
gboolean renewable; /* credentials renewable? */
char* pk_userid; /* "userid" for pkint */
+ gboolean tgt_forwardable; /* request a forwardable ticket */
+ gboolean tgt_renewable; /* request a renewable ticket */
+ gboolean tgt_proxiable; /* request a proxiable ticket */
};
static void
@@ -106,6 +112,21 @@
KA_DEBUG ("%s: %d", pspec->name, self->priv->pw_prompt_secs/60);
break;
+ case KA_PROP_TGT_FORWARDABLE:
+ self->priv->tgt_forwardable = g_value_get_boolean (value);
+ KA_DEBUG ("%s: %s", pspec->name, self->priv->tgt_forwardable ? "True" : "False");
+ break;
+
+ case KA_PROP_TGT_PROXIABLE:
+ self->priv->tgt_proxiable = g_value_get_boolean (value);
+ KA_DEBUG ("%s: %s", pspec->name, self->priv->tgt_proxiable ? "True" : "False");
+ break;
+
+ case KA_PROP_TGT_RENEWABLE:
+ self->priv->tgt_renewable = g_value_get_boolean (value);
+ KA_DEBUG ("%s: %s", pspec->name, self->priv->tgt_renewable ? "True" : "False");
+ break;
+
default:
/* We don't have any other property... */
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
@@ -139,6 +160,18 @@
g_value_set_uint (value, self->priv->pw_prompt_secs / 60);
break;
+ case KA_PROP_TGT_FORWARDABLE:
+ g_value_set_boolean (value, self->priv->tgt_forwardable);
+ break;
+
+ case KA_PROP_TGT_PROXIABLE:
+ g_value_set_boolean (value, self->priv->tgt_proxiable);
+ break;
+
+ case KA_PROP_TGT_RENEWABLE:
+ g_value_set_boolean (value, self->priv->tgt_renewable);
+ break;
+
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
break;
@@ -203,7 +236,7 @@
pspec = g_param_spec_string ("principal",
"Principal",
- "Get/Set Kerberos Principal",
+ "Get/Set Kerberos principal",
"",
G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
g_object_class_install_property (object_class,
@@ -211,7 +244,7 @@
pspec);
pspec = g_param_spec_string ("pk-userid",
- "PKinit Identifier",
+ "PKinit identifier",
"Get/Set Pkinit identifier",
"",
G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
@@ -229,13 +262,40 @@
pspec);
pspec = g_param_spec_uint ("pw-prompt-mins",
- "Password Prompting Interval",
- "Password Prompting Interval in Minutes",
+ "Password prompting interval",
+ "Password prompting interval in minutes",
0, G_MAXUINT, MINUTES_BEFORE_PROMPTING,
G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
g_object_class_install_property (object_class,
KA_PROP_PW_PROMPT_MINS,
pspec);
+
+ pspec = g_param_spec_boolean("tgt-forwardable",
+ "Forwardable ticket",
+ "wether to request forwardable tickets",
+ FALSE,
+ G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
+ g_object_class_install_property (object_class,
+ KA_PROP_TGT_FORWARDABLE,
+ pspec);
+
+ pspec = g_param_spec_boolean("tgt-proxiable",
+ "Proxiable ticket",
+ "wether to request proxiable tickets",
+ FALSE,
+ G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
+ g_object_class_install_property (object_class,
+ KA_PROP_TGT_PROXIABLE,
+ pspec);
+
+ pspec = g_param_spec_boolean("tgt-renewable",
+ "Renewable ticket",
+ "wether to request renewable tickets",
+ FALSE,
+ G_PARAM_CONSTRUCT | G_PARAM_READWRITE);
+ g_object_class_install_property (object_class,
+ KA_PROP_TGT_RENEWABLE,
+ pspec);
}
Modified: trunk/src/krb5-auth-dialog.c
==============================================================================
--- trunk/src/krb5-auth-dialog.c (original)
+++ trunk/src/krb5-auth-dialog.c Sat Apr 4 09:29:48 2009
@@ -378,9 +378,40 @@
}
+/*
+ * set ticket options by looking at krb5.conf and gconf
+ */
+static void
+ka_set_ticket_options(KaApplet* applet,
+ krb5_get_init_creds_opt *out)
+{
+ gboolean flag;
+
+#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_DEFAULT_FLAGS
+ krb5_get_init_creds_opt_set_default_flags(kcontext, PACKAGE,
+ krb5_principal_get_realm(kcontext, kprincipal), out);
+#endif
+ g_object_get(applet, "tgt-forwardable", &flag, NULL);
+ if (flag)
+ krb5_get_init_creds_opt_set_forwardable(out, flag);
+ g_object_get(applet, "tgt-proxiable", &flag, NULL);
+ if (flag)
+ krb5_get_init_creds_opt_set_proxiable(out, flag);
+ g_object_get(applet, "tgt-renewable", &flag, NULL);
+ if (flag) {
+ krb5_deltat r = 3600*24*30; /* 1 month */
+ krb5_get_init_creds_opt_set_renew_life (out, r);
+ }
+}
+
+
+/*
+ * set ticket options
+ * by looking at krb5.conf, the passed in creds and gconf
+ */
static void
set_options_from_creds(const KaApplet* applet,
- krb5_context context G_GNUC_UNUSED,
+ krb5_context context,
krb5_creds *in,
krb5_get_init_creds_opt *out)
{
@@ -388,8 +419,8 @@
int flag;
#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_DEFAULT_FLAGS
- krb5_get_init_creds_opt_set_default_flags(kcontext, PACKAGE,
- krb5_principal_get_realm(kcontext, kprincipal), out);
+ krb5_get_init_creds_opt_set_default_flags(context, PACKAGE,
+ krb5_principal_get_realm(context, kprincipal), out);
#endif
flag = get_cred_forwardable(in) != 0;
@@ -426,7 +457,7 @@
retval = krb5_get_init_creds_opt_alloc (kcontext, &opts);
if (retval)
goto out;
- set_options_from_creds (applet, kcontext, creds, opts);
+ ka_set_ticket_options (applet, opts);
retval = krb5_get_init_creds_opt_set_pkinit(kcontext, opts,
kprincipal,
@@ -461,7 +492,7 @@
retval = krb5_get_init_creds_opt_alloc (kcontext, &opts);
if (retval)
goto out;
- set_options_from_creds (applet, kcontext, creds, opts);
+ ka_set_ticket_options (applet, opts);
retval = krb5_get_init_creds_password(kcontext, creds, kprincipal,
NULL, auth_dialog_prompter, applet,
0, NULL, opts);
@@ -477,9 +508,7 @@
krb5_error_code ret;
gchar *principal = NULL;
- g_object_get(applet, "principal", &principal,
- NULL);
-
+ g_object_get(applet, "principal", &principal, NULL);
ret = krb5_parse_name(krbcontext, principal,
kprinc);
@@ -773,8 +802,7 @@
int retval;
char* principal;
- g_object_get(applet, "principal", &principal,
- NULL);
+ g_object_get(applet, "principal", &principal, NULL);
if (strlen(newprincipal)) {
krb5_principal knewprinc;
@@ -817,7 +845,6 @@
ka_grab_credentials (KaApplet* applet)
{
int retval;
- gboolean retry;
int success = FALSE;
KaPwDialog *pwdialog = ka_applet_get_pwdialog(applet);
Modified: trunk/src/krb5-auth-dialog.schemas.in
==============================================================================
--- trunk/src/krb5-auth-dialog.schemas.in (original)
+++ trunk/src/krb5-auth-dialog.schemas.in Sat Apr 4 09:29:48 2009
@@ -51,5 +51,44 @@
<long>Start prompting/displaying notifications that many minutes before expiry</long>
</locale>
</schema>
+
+ <schema>
+ <key>/schemas/apps/::PACKAGE::/forwardable</key>
+ <applyto>/apps/::PACKAGE::/forwardable</applyto>
+ <owner>::PACKAGE::</owner>
+ <type>bool</type>
+ <default>0</default>
+
+ <locale name="C">
+ <short>Forwardable ticket</short>
+ <long>Requested tickets should be forwardable</long>
+ </locale>
+ </schema>
+
+ <schema>
+ <key>/schemas/apps/::PACKAGE::/renewable</key>
+ <applyto>/apps/::PACKAGE::/renewable</applyto>
+ <owner>::PACKAGE::</owner>
+ <type>bool</type>
+ <default>0</default>
+
+ <locale name="C">
+ <short>Renewable ticket</short>
+ <long>Requested tickets should be renewable</long>
+ </locale>
+ </schema>
+
+ <schema>
+ <key>/schemas/apps/::PACKAGE::/proxiable</key>
+ <applyto>/apps/::PACKAGE::/proxiable</applyto>
+ <owner>::PACKAGE::</owner>
+ <type>bool</type>
+ <default>0</default>
+
+ <locale name="C">
+ <short>Proxiable ticket</short>
+ <long>Requested tickets should be proxiable</long>
+ </locale>
+ </schema>
</schemalist>
</gconfschemafile>
Modified: trunk/src/krb5-auth-gconf-tools.h
==============================================================================
--- trunk/src/krb5-auth-gconf-tools.h (original)
+++ trunk/src/krb5-auth-gconf-tools.h Sat Apr 4 09:29:48 2009
@@ -30,6 +30,9 @@
#define KA_GCONF_KEY_PK_USERID KA_GCONF_PATH "/pk_userid"
#define KA_GCONF_KEY_PROMPT_MINS KA_GCONF_PATH "/prompt_minutes"
#define KA_GCONF_KEY_SHOW_TRAYICON KA_GCONF_PATH "/show_trayicon"
+#define KA_GCONF_KEY_FORWARDABLE KA_GCONF_PATH "/forwardable"
+#define KA_GCONF_KEY_RENEWABLE KA_GCONF_PATH "/renewable"
+#define KA_GCONF_KEY_PROXIABLE KA_GCONF_PATH "/proxiable"
gboolean ka_gconf_get_string (GConfClient* client, const char* key, char** value);
gboolean ka_gconf_get_int (GConfClient* client, const char* key, int* value);
Modified: trunk/src/krb5-auth-gconf.c
==============================================================================
--- trunk/src/krb5-auth-gconf.c (original)
+++ trunk/src/krb5-auth-gconf.c Sat Apr 4 09:29:48 2009
@@ -79,6 +79,45 @@
}
+static gboolean
+ka_gconf_set_tgt_forwardable (GConfClient* client, KaApplet* applet)
+{
+ gboolean forwardable = FALSE;
+
+ if(!ka_gconf_get_bool(client, KA_GCONF_KEY_FORWARDABLE, &forwardable)) {
+ forwardable = TRUE;
+ }
+ g_object_set(applet, "tgt-forwardable", forwardable, NULL);
+ return TRUE;
+}
+
+
+static gboolean
+ka_gconf_set_tgt_renewable (GConfClient* client, KaApplet* applet)
+{
+ gboolean renewable = FALSE;
+
+ if(!ka_gconf_get_bool(client, KA_GCONF_KEY_RENEWABLE, &renewable)) {
+ renewable = TRUE;
+ }
+ g_object_set(applet, "tgt-renewable", renewable, NULL);
+ return TRUE;
+}
+
+
+static gboolean
+ka_gconf_set_tgt_proxiable (GConfClient* client, KaApplet* applet)
+{
+ gboolean proxiable = FALSE;
+
+ if(!ka_gconf_get_bool(client, KA_GCONF_KEY_PROXIABLE, &proxiable)) {
+ proxiable = TRUE;
+ }
+ g_object_set(applet, "tgt-proxiable", proxiable, NULL);
+ return TRUE;
+}
+
+
static void
ka_gconf_key_changed_callback (GConfClient* client,
guint cnxn_id G_GNUC_UNUSED,
@@ -101,6 +140,12 @@
ka_gconf_set_show_trayicon (client, applet);
} else if (g_strcmp0 (key, KA_GCONF_KEY_PK_USERID) == 0) {
ka_gconf_set_pk_userid (client, applet);
+ } else if (g_strcmp0 (key, KA_GCONF_KEY_FORWARDABLE) == 0) {
+ ka_gconf_set_tgt_forwardable (client, applet);
+ } else if (g_strcmp0 (key, KA_GCONF_KEY_RENEWABLE) == 0) {
+ ka_gconf_set_tgt_renewable (client, applet);
+ } else if (g_strcmp0 (key, KA_GCONF_KEY_PROXIABLE) == 0) {
+ ka_gconf_set_tgt_proxiable (client, applet);
} else
g_warning("Received notification for unknown gconf key %s", key);
return;
@@ -131,6 +176,9 @@
ka_gconf_set_prompt_mins (client, applet);
ka_gconf_set_show_trayicon (client, applet);
ka_gconf_set_pk_userid(client, applet);
+ ka_gconf_set_tgt_forwardable(client, applet);
+ ka_gconf_set_tgt_renewable(client, applet);
+ ka_gconf_set_tgt_proxiable(client, applet);
success = TRUE;
out:
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
