[glib: 1/2] Add support for TCRYPT volumes to GMountOperation
- From: Philip Withnall <pwithnall src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib: 1/2] Add support for TCRYPT volumes to GMountOperation
- Date: Thu, 21 Jun 2018 14:30:27 +0000 (UTC)
commit 76b4d0ab3f04e6ff54d0ae3ca624403291907af2
Author: segfault <segfault riseup net>
Date: Fri Mar 9 00:40:17 2018 +0100
Add support for TCRYPT volumes to GMountOperation
Add G_ASK_PASSWORD_TCRYPT flag to GAskPasswordFlags and add the
following properties to GMountOperation:
- hidden_volume [1]
- system_volume [2]
- pim [3]
[1] https://www.veracrypt.fr/en/Hidden%20Volume.html
[2] https://www.veracrypt.fr/en/System%20Encryption.html
[3] https://www.veracrypt.fr/en/Personal%20Iterations%20Multiplier%20(PIM).html
docs/reference/gio/gio-sections.txt | 6 +
docs/reference/gio/gio.xml | 15 +++
gio/gio-tool-mount.c | 16 +++
gio/gioenums.h | 12 +-
gio/gmountoperation.c | 219 +++++++++++++++++++++++++++++++++++-
gio/gmountoperation.h | 15 +++
gio/tests/mount-operation.c | 21 ++++
7 files changed, 298 insertions(+), 6 deletions(-)
---
diff --git a/docs/reference/gio/gio-sections.txt b/docs/reference/gio/gio-sections.txt
index 9ae6d85c5..bca2e3670 100644
--- a/docs/reference/gio/gio-sections.txt
+++ b/docs/reference/gio/gio-sections.txt
@@ -1497,6 +1497,12 @@ g_mount_operation_get_password_save
g_mount_operation_set_password_save
g_mount_operation_get_choice
g_mount_operation_set_choice
+g_mount_operation_get_is_tcrypt_hidden_volume
+g_mount_operation_set_is_tcrypt_hidden_volume
+g_mount_operation_get_is_tcrypt_system_volume
+g_mount_operation_set_is_tcrypt_system_volume
+g_mount_operation_get_pim
+g_mount_operation_set_pim
g_mount_operation_reply
<SUBSECTION Standard>
GMountOperationClass
diff --git a/docs/reference/gio/gio.xml b/docs/reference/gio/gio.xml
index c3fd8f5b6..f2635d0b3 100644
--- a/docs/reference/gio/gio.xml
+++ b/docs/reference/gio/gio.xml
@@ -455,6 +455,21 @@
<listitem><para>Show extra information.</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>--tcrypt-pim</option></term>
+ <listitem><para>The numeric PIM when unlocking a VeraCrypt volume.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>--tcrypt-hidden</option></term>
+ <listitem><para>Mount a TCRYPT hidden volume.</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><option>--tcrypt-system</option></term>
+ <listitem><para>Mount a TCRYPT system volume.</para>
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect3>
</listitem>
diff --git a/gio/gio-tool-mount.c b/gio/gio-tool-mount.c
index 224ff8990..b5aaa1af2 100644
--- a/gio/gio-tool-mount.c
+++ b/gio/gio-tool-mount.c
@@ -48,6 +48,9 @@ static gboolean anonymous = FALSE;
static gboolean mount_list = FALSE;
static gboolean extra_detail = FALSE;
static gboolean mount_monitor = FALSE;
+static gboolean tcrypt_hidden = FALSE;
+static gboolean tcrypt_system = FALSE;
+static guint tcrypt_pim = 0;
static const char *unmount_scheme = NULL;
static const char *mount_device_file = NULL;
static const char *stop_device_file = NULL;
@@ -68,6 +71,9 @@ static const GOptionEntry entries[] =
{ "list", 'l', 0, G_OPTION_ARG_NONE, &mount_list, N_("List"), NULL},
{ "monitor", 'o', 0, G_OPTION_ARG_NONE, &mount_monitor, N_("Monitor events"), NULL},
{ "detail", 'i', 0, G_OPTION_ARG_NONE, &extra_detail, N_("Show extra information"), NULL},
+ { "tcrypt-pim", 0, 0, G_OPTION_ARG_INT, &tcrypt_pim, N_("The numeric PIM when unlocking a VeraCrypt
volume"), N_("PIM")},
+ { "tcrypt-hidden", 0, 0, G_OPTION_ARG_NONE, &tcrypt_hidden, N_("Mount a TCRYPT hidden volume"), NULL},
+ { "tcrypt-system", 0, 0, G_OPTION_ARG_NONE, &tcrypt_system, N_("Mount a TCRYPT system volume"), NULL},
{ NULL }
};
@@ -174,6 +180,16 @@ ask_password_cb (GMountOperation *op,
}
}
+ if (flags & G_ASK_PASSWORD_TCRYPT)
+ {
+ if (tcrypt_pim)
+ g_mount_operation_set_pim (op, tcrypt_pim);
+ if (tcrypt_hidden)
+ g_mount_operation_set_is_tcrypt_hidden_volume (op, TRUE);
+ if (tcrypt_system)
+ g_mount_operation_set_is_tcrypt_system_volume (op, TRUE);
+ }
+
/* Only try anonymous access once. */
if (anonymous &&
GPOINTER_TO_INT (g_object_get_data (G_OBJECT (op), "state")) == MOUNT_OP_ASKED)
diff --git a/gio/gioenums.h b/gio/gioenums.h
index bc844b9b9..99b1c7937 100644
--- a/gio/gioenums.h
+++ b/gio/gioenums.h
@@ -572,17 +572,19 @@ typedef enum {
* @G_ASK_PASSWORD_NEED_DOMAIN: operation requires a domain.
* @G_ASK_PASSWORD_SAVING_SUPPORTED: operation supports saving settings.
* @G_ASK_PASSWORD_ANONYMOUS_SUPPORTED: operation supports anonymous users.
+ * @G_ASK_PASSWORD_TCRYPT: operation takes TCRYPT parameters (Since: 2.58)
*
* #GAskPasswordFlags are used to request specific information from the
* user, or to notify the user of their choices in an authentication
* situation.
**/
typedef enum {
- G_ASK_PASSWORD_NEED_PASSWORD = (1 << 0),
- G_ASK_PASSWORD_NEED_USERNAME = (1 << 1),
- G_ASK_PASSWORD_NEED_DOMAIN = (1 << 2),
- G_ASK_PASSWORD_SAVING_SUPPORTED = (1 << 3),
- G_ASK_PASSWORD_ANONYMOUS_SUPPORTED = (1 << 4)
+ G_ASK_PASSWORD_NEED_PASSWORD = (1 << 0),
+ G_ASK_PASSWORD_NEED_USERNAME = (1 << 1),
+ G_ASK_PASSWORD_NEED_DOMAIN = (1 << 2),
+ G_ASK_PASSWORD_SAVING_SUPPORTED = (1 << 3),
+ G_ASK_PASSWORD_ANONYMOUS_SUPPORTED = (1 << 4),
+ G_ASK_PASSWORD_TCRYPT = (1 << 5),
} GAskPasswordFlags;
diff --git a/gio/gmountoperation.c b/gio/gmountoperation.c
index 2a2b4ce5b..d59acb3b5 100644
--- a/gio/gmountoperation.c
+++ b/gio/gmountoperation.c
@@ -47,6 +47,12 @@
* #GtkMountOperation. If no user interaction is desired (for example
* when automounting filesystems at login time), usually %NULL can be
* passed, see each method taking a #GMountOperation for details.
+ *
+ * The term ‘TCRYPT’ is used to mean ‘compatible with TrueCrypt and VeraCrypt’.
+ * [TrueCrypt](https://en.wikipedia.org/wiki/TrueCrypt) is a discontinued system for
+ * encrypting file containers, partitions or whole disks, typically used with Windows.
+ * [VeraCrypt](https://www.veracrypt.fr/) is a maintained fork of TrueCrypt with various
+ * improvements and auditing fixes.
*/
enum {
@@ -68,6 +74,9 @@ struct _GMountOperationPrivate {
gboolean anonymous;
GPasswordSave password_save;
int choice;
+ gboolean hidden_volume;
+ gboolean system_volume;
+ guint pim;
};
enum {
@@ -77,7 +86,10 @@ enum {
PROP_ANONYMOUS,
PROP_DOMAIN,
PROP_PASSWORD_SAVE,
- PROP_CHOICE
+ PROP_CHOICE,
+ PROP_IS_TCRYPT_HIDDEN_VOLUME,
+ PROP_IS_TCRYPT_SYSTEM_VOLUME,
+ PROP_PIM
};
G_DEFINE_TYPE_WITH_PRIVATE (GMountOperation, g_mount_operation, G_TYPE_OBJECT)
@@ -124,6 +136,21 @@ g_mount_operation_set_property (GObject *object,
g_value_get_int (value));
break;
+ case PROP_IS_TCRYPT_HIDDEN_VOLUME:
+ g_mount_operation_set_is_tcrypt_hidden_volume (operation,
+ g_value_get_boolean (value));
+ break;
+
+ case PROP_IS_TCRYPT_SYSTEM_VOLUME:
+ g_mount_operation_set_is_tcrypt_system_volume (operation,
+ g_value_get_boolean (value));
+ break;
+
+ case PROP_PIM:
+ g_mount_operation_set_pim (operation,
+ g_value_get_uint (value));
+ break;
+
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@@ -169,6 +196,18 @@ g_mount_operation_get_property (GObject *object,
g_value_set_int (value, priv->choice);
break;
+ case PROP_IS_TCRYPT_HIDDEN_VOLUME:
+ g_value_set_boolean (value, priv->hidden_volume);
+ break;
+
+ case PROP_IS_TCRYPT_SYSTEM_VOLUME:
+ g_value_set_boolean (value, priv->system_volume);
+ break;
+
+ case PROP_PIM:
+ g_value_set_uint (value, priv->pim);
+ break;
+
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
break;
@@ -504,6 +543,60 @@ g_mount_operation_class_init (GMountOperationClass *klass)
0, G_MAXINT, 0,
G_PARAM_READWRITE|
G_PARAM_STATIC_NAME|G_PARAM_STATIC_NICK|G_PARAM_STATIC_BLURB));
+
+ /**
+ * GMountOperation:is-tcrypt-hidden-volume:
+ *
+ * Whether the device to be unlocked is a TCRYPT hidden volume.
+ * See https://www.veracrypt.fr/en/Hidden%20Volume.html.
+ *
+ * Since: 2.58
+ */
+ g_object_class_install_property (object_class,
+ PROP_IS_TCRYPT_HIDDEN_VOLUME,
+ g_param_spec_boolean ("is-tcrypt-hidden-volume",
+ P_("TCRYPT Hidden Volume"),
+ P_("Whether to unlock a TCRYPT hidden volume. See
https://www.veracrypt.fr/en/Hidden%20Volume.html."),
+ FALSE,
+ G_PARAM_READWRITE|
+
G_PARAM_STATIC_NAME|G_PARAM_STATIC_NICK|G_PARAM_STATIC_BLURB));
+
+ /**
+ * GMountOperation:is-tcrypt-system-volume:
+ *
+ * Whether the device to be unlocked is a TCRYPT system volume.
+ * In this context, a system volume is a volume with a bootloader
+ * and operating system installed. This is only supported for Windows
+ * operating systems. For further documentation, see
+ * https://www.veracrypt.fr/en/System%20Encryption.html.
+ *
+ * Since: 2.58
+ */
+ g_object_class_install_property (object_class,
+ PROP_IS_TCRYPT_SYSTEM_VOLUME,
+ g_param_spec_boolean ("is-tcrypt-system-volume",
+ P_("TCRYPT System Volume"),
+ P_("Whether to unlock a TCRYPT system volume. Only
supported for unlocking Windows system volumes. See https://www.veracrypt.fr/en/System%20Encryption.html."),
+ FALSE,
+ G_PARAM_READWRITE|
+
G_PARAM_STATIC_NAME|G_PARAM_STATIC_NICK|G_PARAM_STATIC_BLURB));
+
+ /**
+ * GMountOperation:pim:
+ *
+ * The VeraCrypt PIM value, when unlocking a VeraCrypt volume. See
+ * https://www.veracrypt.fr/en/Personal%20Iterations%20Multiplier%20(PIM).html.
+ *
+ * Since: 2.58
+ */
+ g_object_class_install_property (object_class,
+ PROP_PIM,
+ g_param_spec_uint ("pim",
+ P_("PIM"),
+ P_("The VeraCrypt PIM value"),
+ 0, G_MAXUINT, 0,
+ G_PARAM_READWRITE|
+
G_PARAM_STATIC_NAME|G_PARAM_STATIC_NICK|G_PARAM_STATIC_BLURB));
}
static void
@@ -736,6 +829,130 @@ g_mount_operation_set_choice (GMountOperation *op,
}
}
+/**
+ * g_mount_operation_get_is_tcrypt_hidden_volume:
+ * @op: a #GMountOperation.
+ *
+ * Check to see whether the mount operation is being used
+ * for a TCRYPT hidden volume.
+ *
+ * Returns: %TRUE if mount operation is for hidden volume.
+ *
+ * Since: 2.58
+ **/
+gboolean
+g_mount_operation_get_is_tcrypt_hidden_volume (GMountOperation *op)
+{
+ g_return_val_if_fail (G_IS_MOUNT_OPERATION (op), FALSE);
+ return op->priv->hidden_volume;
+}
+
+/**
+ * g_mount_operation_set_is_tcrypt_hidden_volume:
+ * @op: a #GMountOperation.
+ * @hidden_volume: boolean value.
+ *
+ * Sets the mount operation to use a hidden volume if @hidden_volume is %TRUE.
+ *
+ * Since: 2.58
+ **/
+void
+g_mount_operation_set_is_tcrypt_hidden_volume (GMountOperation *op,
+ gboolean hidden_volume)
+{
+ GMountOperationPrivate *priv;
+ g_return_if_fail (G_IS_MOUNT_OPERATION (op));
+ priv = op->priv;
+
+ if (priv->hidden_volume != hidden_volume)
+ {
+ priv->hidden_volume = hidden_volume;
+ g_object_notify (G_OBJECT (op), "is-tcrypt-hidden-volume");
+ }
+}
+
+/**
+ * g_mount_operation_get_is_tcrypt_system_volume:
+ * @op: a #GMountOperation.
+ *
+ * Check to see whether the mount operation is being used
+ * for a TCRYPT system volume.
+ *
+ * Returns: %TRUE if mount operation is for system volume.
+ *
+ * Since: 2.58
+ **/
+gboolean
+g_mount_operation_get_is_tcrypt_system_volume (GMountOperation *op)
+{
+ g_return_val_if_fail (G_IS_MOUNT_OPERATION (op), FALSE);
+ return op->priv->system_volume;
+}
+
+/**
+ * g_mount_operation_set_is_tcrypt_system_volume:
+ * @op: a #GMountOperation.
+ * @system_volume: boolean value.
+ *
+ * Sets the mount operation to use a system volume if @system_volume is %TRUE.
+ *
+ * Since: 2.58
+ **/
+void
+g_mount_operation_set_is_tcrypt_system_volume (GMountOperation *op,
+ gboolean system_volume)
+{
+ GMountOperationPrivate *priv;
+ g_return_if_fail (G_IS_MOUNT_OPERATION (op));
+ priv = op->priv;
+
+ if (priv->system_volume != system_volume)
+ {
+ priv->system_volume = system_volume;
+ g_object_notify (G_OBJECT (op), "is-tcrypt-system-volume");
+ }
+}
+
+/**
+ * g_mount_operation_get_pim:
+ * @op: a #GMountOperation.
+ *
+ * Gets a PIM from the mount operation.
+ *
+ * Returns: The VeraCrypt PIM within @op.
+ *
+ * Since: 2.58
+ **/
+guint
+g_mount_operation_get_pim (GMountOperation *op)
+{
+ g_return_val_if_fail (G_IS_MOUNT_OPERATION (op), 0);
+ return op->priv->pim;
+}
+
+/**
+ * g_mount_operation_set_pim:
+ * @op: a #GMountOperation.
+ * @pim: an unsigned integer.
+ *
+ * Sets the mount operation's PIM to @pim.
+ *
+ * Since: 2.58
+ **/
+void
+g_mount_operation_set_pim (GMountOperation *op,
+ guint pim)
+{
+ GMountOperationPrivate *priv;
+ g_return_if_fail (G_IS_MOUNT_OPERATION (op));
+ priv = op->priv;
+ if (priv->pim != pim)
+ {
+ priv->pim = pim;
+ g_object_notify (G_OBJECT (op), "pim");
+ }
+}
+
/**
* g_mount_operation_reply:
* @op: a #GMountOperation
diff --git a/gio/gmountoperation.h b/gio/gmountoperation.h
index 24b96e002..1361fb86f 100644
--- a/gio/gmountoperation.h
+++ b/gio/gmountoperation.h
@@ -149,6 +149,21 @@ void g_mount_operation_set_choice (GMountOperation *op,
GLIB_AVAILABLE_IN_ALL
void g_mount_operation_reply (GMountOperation *op,
GMountOperationResult result);
+GLIB_AVAILABLE_IN_2_58
+gboolean g_mount_operation_get_is_tcrypt_hidden_volume (GMountOperation *op);
+GLIB_AVAILABLE_IN_2_58
+void g_mount_operation_set_is_tcrypt_hidden_volume (GMountOperation *op,
+ gboolean hidden_volume);
+GLIB_AVAILABLE_IN_2_58
+gboolean g_mount_operation_get_is_tcrypt_system_volume (GMountOperation *op);
+GLIB_AVAILABLE_IN_2_58
+void g_mount_operation_set_is_tcrypt_system_volume (GMountOperation *op,
+ gboolean system_volume);
+GLIB_AVAILABLE_IN_2_58
+guint g_mount_operation_get_pim (GMountOperation *op);
+GLIB_AVAILABLE_IN_2_58
+void g_mount_operation_set_pim (GMountOperation *op,
+ guint pim);
G_END_DECLS
diff --git a/gio/tests/mount-operation.c b/gio/tests/mount-operation.c
index 47709db64..0f8566ac7 100644
--- a/gio/tests/mount-operation.c
+++ b/gio/tests/mount-operation.c
@@ -45,6 +45,9 @@ test_properties (void)
gchar *domain = NULL;
GPasswordSave password_save;
int choice;
+ gboolean hidden_volume;
+ gboolean system_volume;
+ guint pim;
op = g_mount_operation_new ();
@@ -55,6 +58,9 @@ test_properties (void)
"domain", &domain,
"password-save", &password_save,
"choice", &choice,
+ "is-tcrypt-hidden-volume", &hidden_volume,
+ "is-tcrypt-system-volume", &system_volume,
+ "pim", &pim,
NULL);
g_assert_cmpstr (username, ==, g_mount_operation_get_username (op));
@@ -63,6 +69,9 @@ test_properties (void)
g_assert_cmpstr (domain, ==, g_mount_operation_get_domain (op));
g_assert_cmpint (password_save, ==, g_mount_operation_get_password_save (op));
g_assert_cmpint (choice, ==, g_mount_operation_get_choice (op));
+ g_assert_cmpint (hidden_volume, ==, g_mount_operation_get_is_tcrypt_hidden_volume (op));
+ g_assert_cmpint (system_volume, ==, g_mount_operation_get_is_tcrypt_system_volume (op));
+ g_assert_cmpuint (pim, ==, g_mount_operation_get_pim (op));
g_mount_operation_set_username (op, "username");
g_assert_cmpstr (g_mount_operation_get_username (op), ==, "username");
@@ -82,6 +91,15 @@ test_properties (void)
g_mount_operation_set_choice (op, 5);
g_assert_cmpint (g_mount_operation_get_choice (op), ==, 5);
+ g_mount_operation_set_is_tcrypt_hidden_volume (op, !hidden_volume);
+ g_assert_cmpint (g_mount_operation_get_is_tcrypt_hidden_volume (op), ==, !hidden_volume);
+
+ g_mount_operation_set_is_tcrypt_system_volume (op, !system_volume);
+ g_assert_cmpint (g_mount_operation_get_is_tcrypt_system_volume (op), ==, !system_volume);
+
+ g_mount_operation_set_pim (op, 5);
+ g_assert_cmpuint (g_mount_operation_get_pim (op), ==, 5);
+
g_object_set (op,
"username", "other-username",
"password", "other-password",
@@ -89,6 +107,9 @@ test_properties (void)
"domain", "other-domain",
"password-save", G_PASSWORD_SAVE_PERMANENTLY,
"choice", 4,
+ "is-tcrypt-hidden-volume", FALSE,
+ "is-tcrypt-system-volume", FALSE,
+ "pim", 4,
NULL);
g_free (domain);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]