krb5-auth-dialog r86 - in branches/pkinit: . src

From: guidog svn gnome org
To: svn-commits-list gnome org
Subject: krb5-auth-dialog r86 - in branches/pkinit: . src
Date: Sun, 4 Jan 2009 14:15:06 +0000 (UTC)
Author: guidog
Date: Sun Jan  4 14:15:06 2009
New Revision: 86
URL: http://svn.gnome.org/viewvc/krb5-auth-dialog?rev=86&view=rev

Log:
use GtkSecureEntry instead of GtkEntry for the password entry

>From gtksecentry.h:
The entry is now always invisible, uses secure memory methods to
allocate the text memory, and all potentially dangerous methods (copy &
paste, popup, etc.) have been removed.

Modified:
   branches/pkinit/ChangeLog
   branches/pkinit/src/Makefile.am
   branches/pkinit/src/krb5-auth-dialog.c
   branches/pkinit/src/krb5-auth-dialog.glade

Modified: branches/pkinit/src/Makefile.am
==============================================================================
--- branches/pkinit/src/Makefile.am	(original)
+++ branches/pkinit/src/Makefile.am	Sun Jan  4 14:15:06 2009
@@ -34,6 +34,8 @@
 			@GLADE_LIBS@ \
 			@GTK_LIBS@
 
+AM_CPPFLAGS = -I $(top_srcdir)/gtksecentry/ -I $(top_srcdir)/secmem/
+
 gladedir = $(datadir)/krb5-auth-dialog
 glade_DATA =			\
 	krb5-auth-dialog.glade

Modified: branches/pkinit/src/krb5-auth-dialog.c
==============================================================================
--- branches/pkinit/src/krb5-auth-dialog.c	(original)
+++ branches/pkinit/src/krb5-auth-dialog.c	Sun Jan  4 14:15:06 2009
@@ -30,6 +30,10 @@
 #include <glib/gi18n.h>
 #include <glade/glade.h>
 
+#include "gtksecentry.h"
+#include "secmem-util.h"
+#include "memory.h"
+
 #include "krb5-auth-dialog.h"
 #include "krb5-auth-applet.h"
 #include "krb5-auth-gconf.h"
@@ -261,8 +265,7 @@
 
 	/* Clear the password entry field */
 	entry = glade_xml_get_widget (applet->pw_xml, "krb5_entry");
-	gtk_entry_set_text (GTK_ENTRY (entry), "");
-	gtk_entry_set_visibility (GTK_ENTRY (entry), !hide_password);
+	gtk_secure_entry_set_text (GTK_SECURE_ENTRY (entry), "");
 
 	/* Use the prompt label that krb5 provides us */
 	label = glade_xml_get_widget (applet->pw_xml, "krb5_message_label");
@@ -324,8 +327,8 @@
 
 		errcode = KRB5_LIBOS_CANTREADPWD;
 
-		entry = glade_xml_get_widget (applet->pw_xml, "krb5_entry");
 		krb5_auth_dialog_setup (applet, (gchar *) prompts[i].prompt, prompts[i].hidden);
+		entry = glade_xml_get_widget (applet->pw_xml, "krb5_entry");
 		gtk_widget_grab_focus (entry);
 
 		source_id = g_timeout_add_seconds (5, (GSourceFunc)krb5_auth_dialog_do_updates, applet);
@@ -333,7 +336,7 @@
 		switch (response)
 		{
 			case GTK_RESPONSE_OK:
-				password = gtk_entry_get_text (GTK_ENTRY (entry));
+				password = gtk_secure_entry_get_text (GTK_SECURE_ENTRY (entry));
 				password_len = strlen (password);
 				errcode = 0;
 				break;
@@ -657,6 +660,38 @@
 }
 
 
+static GtkWidget*
+ka_create_gtk_secure_entry (GladeXML *xml, gchar *func_name, gchar *name,
+				gchar *s1, gchar *s2, gint i1, gint i2,
+				gpointer user_data)
+{
+	GtkWidget* entry = NULL;
+
+	if (!strcmp(name, "krb5_entry")) {
+		entry = gtk_secure_entry_new ();
+		gtk_secure_entry_set_activates_default(GTK_SECURE_ENTRY(entry), TRUE);
+		gtk_widget_show (entry);
+	} else {
+		g_warning("Don't know anything about widget %s", name);
+	}
+	return entry;
+}
+
+
+static void
+ka_secmem_init ()
+{
+	/* Initialize secure memory.  1 is too small, so the default size
+	will be used.  */
+	secmem_init (1);
+	secmem_set_flags (SECMEM_WARN);
+	drop_privs ();
+
+	if (atexit (secmem_term))
+		g_error("Couln't register atexit handler");
+}
+
+
 int
 main (int argc, char *argv[])
 {
@@ -694,6 +729,7 @@
 	textdomain (PACKAGE);
 	bind_textdomain_codeset (PACKAGE, "UTF-8");
 	bindtextdomain (PACKAGE, LOCALE_DIR);
+	ka_secmem_init();
 
 	if (!ka_dbus_connect (&status))
 		exit(status);
@@ -709,6 +745,7 @@
 			return 1;
 
 		/* setup the pw dialog */
+		glade_set_custom_handler (&ka_create_gtk_secure_entry, NULL);
 		applet->pw_xml = glade_xml_new (GLADEDIR "krb5-auth-dialog.glade", NULL, NULL);
 		applet->pw_wrong_label = glade_xml_get_widget (applet->pw_xml, "krb5_wrong_label");
 		applet->pw_dialog = glade_xml_get_widget (applet->pw_xml, "krb5_dialog");

Modified: branches/pkinit/src/krb5-auth-dialog.glade
==============================================================================
--- branches/pkinit/src/krb5-auth-dialog.glade	(original)
+++ branches/pkinit/src/krb5-auth-dialog.glade	Sun Jan  4 14:15:06 2009
@@ -177,7 +177,7 @@
 			  </child>
 
 			  <child>
-			    <widget class="GtkEntry" id="krb5_entry">
+			    <widget class="Custom" id="krb5_entry">
 			      <property name="visible">True</property>
 			      <property name="can_focus">True</property>
 			      <property name="editable">True</property>
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]