[gnome-keyring] [daemon] Bring back feature to save password for keys.



commit e588dbb870c985ae10151bf2428d497027bb90d3
Author: Stef Walter <stef memberwebs com>
Date:   Sun Feb 7 17:35:22 2010 +0000

    [daemon] Bring back feature to save password for keys.
    
    For encryption keys (like SSH) the feature to save their passwords
    in the login keyring was disabled. Reimplement that with the
    new prompt.

 daemon/dbus/gkd-secret-unlock.c |    8 +----
 daemon/login/gkd-login.c        |   14 +++++++--
 daemon/login/gkd-login.h        |    2 +-
 daemon/pkcs11/gkd-pkcs11-auth.c |   58 +++++++++++++++++++-------------------
 daemon/prompt/gkd-prompt.c      |    8 +++++
 daemon/prompt/gkd-prompt.h      |    2 +
 6 files changed, 53 insertions(+), 39 deletions(-)
---
diff --git a/daemon/dbus/gkd-secret-unlock.c b/daemon/dbus/gkd-secret-unlock.c
index c50a1ce..1df91be 100644
--- a/daemon/dbus/gkd-secret-unlock.c
+++ b/daemon/dbus/gkd-secret-unlock.c
@@ -248,7 +248,6 @@ attach_credential_to_login (GP11Object *collection, GP11Object *cred)
 	gsize n_value;
 	gchar *location;
 	gchar *label;
-	gchar *display;
 
 	g_assert (GP11_IS_OBJECT (collection));
 	g_assert (GP11_IS_OBJECT (cred));
@@ -260,13 +259,10 @@ attach_credential_to_login (GP11Object *collection, GP11Object *cred)
 	label = label_string_for_attributes (attrs);
 	gp11_attributes_unref (attrs);
 
-	display = g_strdup_printf (_("Unlock password for %s keyring"), label);
-	g_free (label);
-
 	value = gp11_object_get_data_full (cred, CKA_VALUE, egg_secure_realloc, NULL, &n_value, &error);
 	if (value) {
 		if (g_utf8_validate (value, n_value, NULL))
-			gkd_login_attach_secret (display, value, "keyring", location, NULL);
+			gkd_login_attach_secret (label, value, "keyring", location, NULL);
 		else
 			g_warning ("couldn't save non utf-8 unlock credentials in login keyring");
 		egg_secure_clear (value, n_value);
@@ -278,7 +274,7 @@ attach_credential_to_login (GP11Object *collection, GP11Object *cred)
 	}
 
 	g_free (location);
-	g_free (display);
+	g_free (label);
 }
 
 static void
diff --git a/daemon/login/gkd-login.c b/daemon/login/gkd-login.c
index 704477c..61308f3 100644
--- a/daemon/login/gkd-login.c
+++ b/daemon/login/gkd-login.c
@@ -28,6 +28,8 @@
 #include "pkcs11/gkd-pkcs11.h"
 #include "pkcs11/pkcs11i.h"
 
+#include <glib/gi18n.h>
+
 #include <string.h>
 
 static gint unlock_failures = 0;
@@ -562,18 +564,19 @@ find_login_keyring_item (GP11Session *session, GP11Attribute *fields)
 }
 
 void
-gkd_login_attach_secret (const gchar *display_name, const gchar *secret,
+gkd_login_attach_secret (const gchar *label, const gchar *secret,
                          const gchar *first, ...)
 {
 	GError *error = NULL;
 	GP11Attribute fields;
 	GP11Session *session;
 	GP11Module *module;
+	gchar *display_name;
 	GP11Object* item;
 	va_list va;
 
-	if (display_name == NULL)
-		display_name = "";
+	if (label == NULL)
+		label = _("Unnamed");
 	if (secret == NULL)
 		secret = "";
 
@@ -585,6 +588,8 @@ gkd_login_attach_secret (const gchar *display_name, const gchar *secret,
 	string_attribute_list_va (va, first, &fields);
 	va_end(va);
 
+	display_name = g_strdup_printf (_("Unlock password for: %s"), label);
+
 	item = find_login_keyring_item (session, &fields);
 	if (item) {
 		gp11_object_set (item, &error,
@@ -593,6 +598,7 @@ gkd_login_attach_secret (const gchar *display_name, const gchar *secret,
 		                 GP11_INVALID);
 	} else {
 		item = gp11_session_create_object (session, &error,
+		                                   CKA_TOKEN, GP11_BOOLEAN, TRUE,
 		                                   CKA_CLASS, GP11_ULONG, CKO_SECRET_KEY,
 		                                   CKA_LABEL, strlen (display_name), display_name,
 		                                   CKA_VALUE, strlen (secret), secret,
@@ -608,6 +614,8 @@ gkd_login_attach_secret (const gchar *display_name, const gchar *secret,
 
 	if (item)
 		g_object_unref (item);
+	g_free (display_name);
+	gp11_attribute_clear (&fields);
 	g_object_unref (session);
 	g_object_unref (module);
 }
diff --git a/daemon/login/gkd-login.h b/daemon/login/gkd-login.h
index 7948b20..89157b1 100644
--- a/daemon/login/gkd-login.h
+++ b/daemon/login/gkd-login.h
@@ -35,7 +35,7 @@ gboolean          gkd_login_did_unlock_fail          (void);
 
 gboolean          gkd_login_is_usable                (void);
 
-void              gkd_login_attach_secret            (const gchar *display_name,
+void              gkd_login_attach_secret            (const gchar *label,
                                                       const gchar *secret,
                                                       const gchar *first,
                                                       ...);
diff --git a/daemon/pkcs11/gkd-pkcs11-auth.c b/daemon/pkcs11/gkd-pkcs11-auth.c
index e9cc232..a9f519b 100644
--- a/daemon/pkcs11/gkd-pkcs11-auth.c
+++ b/daemon/pkcs11/gkd-pkcs11-auth.c
@@ -298,10 +298,11 @@ init_user_prompt (CK_SESSION_HANDLE handle, CK_TOKEN_INFO *info,
 	gkd_prompt_set_secondary_text (prompt, secondary);
 	g_free (secondary);
 
-#if 0
-	if (gkd_login_is_usable ())
-		gkd_ask_request_set_check_option (ask, _("Automatically unlock secure storage when I log in."));
-#endif
+	if (gkd_login_is_usable ()) {
+		gkd_prompt_show_widget (prompt, "details_area");
+		gkd_prompt_show_widget (prompt, "lock_area");
+		gkd_prompt_hide_widget (prompt, "options_area");
+	}
 
 	/* Prompt the user */
 	gkd_prompt_request_attention_async (NULL, on_prompt_attention, prompt, NULL);
@@ -315,17 +316,15 @@ init_user_prompt (CK_SESSION_HANDLE handle, CK_TOKEN_INFO *info,
 	/* Successful response */
 	} else {
 		password = gkd_prompt_get_password (prompt, "password");
-		password_to_pin (password, pin, pin_len);
 
-#if 0
-		if (ask->checked) {
-			gkd_login_attach_secret (label, ask->typed_password,
+		if (gkd_prompt_get_unlock_auto (prompt)) {
+			gkd_login_attach_secret (label, password,
 			                         "manufacturer", manufacturer,
 			                         "serial-number", serial,
 			                         NULL);
 		}
-#endif
 
+		password_to_pin (password, pin, pin_len);
 		ret = TRUE;
 	}
 
@@ -465,10 +464,11 @@ login_specific_prompt (CK_SESSION_HANDLE handle, CK_SESSION_INFO *info,
 	gkd_prompt_set_secondary_text (prompt, secondary);
 	g_free (secondary);
 
-#if 0
-	if (object->unique && gkd_login_is_usable ())
-		gkd_ask_request_set_check_option (ask, prepare_specific_check (object->klass));
-#endif
+	if (object->unique && gkd_login_is_usable ()) {
+		gkd_prompt_show_widget (prompt, "details_area");
+		gkd_prompt_show_widget (prompt, "lock_area");
+		gkd_prompt_hide_widget (prompt, "options_area");
+	}
 
 	/* Prompt the user */
 	gkd_prompt_request_attention_sync (NULL, on_prompt_attention, prompt, NULL);
@@ -479,16 +479,15 @@ login_specific_prompt (CK_SESSION_HANDLE handle, CK_SESSION_INFO *info,
 	/* Successful response */
 	else if (gkd_prompt_get_response (prompt) == GKD_RESPONSE_OK) {
 		password = gkd_prompt_get_password (prompt, "password");
-		password_to_pin (password, pin, pin_len);
-		ret = TRUE;
 
-#if 0
 		/* Store forever */
-		if (ask->checked && object->unique && object->token) {
-			gkd_login_attach_secret (object->label, ask->typed_password,
+		if (gkd_prompt_get_unlock_auto (prompt) && object->unique && object->token) {
+			gkd_login_attach_secret (object->label, password,
 			                         "unique", object->unique, NULL);
 		}
-#endif
+
+		password_to_pin (password, pin, pin_len);
+		ret = TRUE;
 
 	/* Other failures etc... */
 	} else {
@@ -601,10 +600,11 @@ login_user_prompt (CK_SESSION_HANDLE handle, CK_TOKEN_INFO *info,
 	gkd_prompt_set_secondary_text (prompt, secondary);
 	g_free (secondary);
 
-#if 0
-	if (gkd_login_is_usable ())
-		gkd_ask_request_set_check_option (ask, _("Automatically unlock secure storage when I log in."));
-#endif
+	if (gkd_login_is_usable ()) {
+		gkd_prompt_show_widget (prompt, "details_area");
+		gkd_prompt_show_widget (prompt, "lock_area");
+		gkd_prompt_hide_widget (prompt, "options_area");
+	}
 
 	/* Prompt the user */
 	gkd_prompt_request_attention_sync (NULL, on_prompt_attention, prompt, NULL);
@@ -619,17 +619,17 @@ login_user_prompt (CK_SESSION_HANDLE handle, CK_TOKEN_INFO *info,
 	/* Successful response */
 	} else {
 		password = gkd_prompt_get_password (prompt, "password");
-		password_to_pin (password, pin, pin_len);
-		ret = TRUE;
-#if 0
+
 		/* Store forever */
-		if (ask->checked) {
-			gkd_login_attach_secret (label, ask->typed_password,
+		if (gkd_prompt_get_unlock_auto (prompt)) {
+			gkd_login_attach_secret (label, password,
 			                         "manufacturer", manufacturer,
 			                         "serial-number", serial,
 			                         NULL);
 		}
-#endif
+
+		password_to_pin (password, pin, pin_len);
+		ret = TRUE;
 	}
 
 	g_free (manufacturer);
diff --git a/daemon/prompt/gkd-prompt.c b/daemon/prompt/gkd-prompt.c
index a8281f3..5c63833 100644
--- a/daemon/prompt/gkd-prompt.c
+++ b/daemon/prompt/gkd-prompt.c
@@ -881,6 +881,14 @@ gkd_prompt_set_unlock_options (GkdPrompt *self, GP11Attributes *attrs)
 		g_key_file_set_integer (self->pv->input, "unlock-options", "unlock-timeout", (int)uval);
 }
 
+gboolean
+gkd_prompt_get_unlock_auto (GkdPrompt *self)
+{
+	g_return_val_if_fail (GKD_IS_PROMPT (self), FALSE);
+	g_return_val_if_fail (self->pv->output, FALSE);
+	return g_key_file_get_boolean (self->pv->output, "unlock-options", "unlock-auto", NULL);
+}
+
 /* ----------------------------------------------------------------------------------
  * ATTENTION QUEUES
  */
diff --git a/daemon/prompt/gkd-prompt.h b/daemon/prompt/gkd-prompt.h
index 9910a9f..b1ce18b 100644
--- a/daemon/prompt/gkd-prompt.h
+++ b/daemon/prompt/gkd-prompt.h
@@ -118,6 +118,8 @@ void                gkd_prompt_get_unlock_options     (GkdPrompt *self,
 void                gkd_prompt_set_unlock_options     (GkdPrompt *self,
                                                        GP11Attributes *attrs);
 
+gboolean            gkd_prompt_get_unlock_auto        (GkdPrompt *self);
+
 gboolean            gkd_prompt_is_widget_selected     (GkdPrompt *prompt,
                                                        const gchar *widget);
 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]