How to add support for mounting encrypted volumes?



I am currently writing a patch for gnome-vfs to enable mounting of encrypted volumes.

Crypto-Loop and AES-Loop volumes can be mounted easily with patched versions of util-linux, but not with gnome-vfs/nautilus. (See bug #130356)

With some help by Fernando Herrera (gnome-love rocks :) I wrote a little test application that implements gnome_vfs_drive_mount with password support (see attached file), but now I don't know how to integrate this into gnome-vfs.

Should I ask for the password in gnome_vfs_drive_mount or should I add gnome_vfs_drive_mount_with_password and let Nautils call that if the volume is encrypted? I already added a check for "encryption" in _gnome_vfs_get_unix_mount_table and planned to add a new device type called GNOME_VFS_DEVICE_TYPE_ENCRYPTED. Though I think it would be better if one keeps the device typ and only adds a flag "is_encrypted" so that you can later show the device type icon with a lock emblem.

Any help would be appreciated.
Steffen
/*
 * :: gnome-crypto-mount ::
 *
 * asks for a password and tries to mount the encrypted volume.
 *
 */

#include <unistd.h>
#include <fcntl.h>
#include <string.h>
#include <gtk/gtk.h>
#include <stdlib.h>

static GtkWidget *window;
static GtkWidget *entry;

const gchar* get_password()
{
	const gchar *password;
	
	password = g_strdup_printf ("%s\n", gtk_entry_get_text(GTK_ENTRY (entry)));
	gtk_widget_destroy (GTK_WIDGET (window));

	return password;
}

static void spawn_mount ()
{
	char *envp[] = {
                "LC_ALL=C",
                NULL
        };
	char *argv[5] = {
		"/bin/mount",
		"-p", "0",
		"/mnt/pandora",
		NULL
	};
	gint standard_input;
	gint standard_output;
	gint standard_error;
	GError *error = NULL;
	GIOChannel *io_err;
	const gchar *password;
	gchar *response;
	gsize tam;
	
	if (!(g_spawn_async_with_pipes (NULL,
			argv,
			envp,
			G_SPAWN_SEARCH_PATH,
			NULL, NULL, NULL,
			&standard_input,
			&standard_output,
			&standard_error,
			&error))) {
		g_warning ("g_spawn_async_with_pipes() failed: %s\n", error->message);
		g_error_free (error);
		error = NULL;
	} else {
		password = get_password();
		write (standard_input, password, strlen (password));
		memset (&password, 0x00, strlen (password));
		
		io_err = g_io_channel_unix_new (standard_error);
		g_io_channel_read_to_end (io_err, &response, &tam, &error);
		g_print ("debug: Response = %s", response);
		//if ((strcmp (response, "")) == 0) g_print ("success\n");
		g_io_channel_shutdown (io_err, FALSE, NULL);
		
		g_free (response);
	}
}

static void OnButtonClicked (GtkButton* button, gpointer func_data)
{
	spawn_mount ();
}

void create_gui()
{
	GtkWidget *label, *hbox, *btn; 
	
	window = gtk_window_new (GTK_WINDOW_TOPLEVEL);
	g_signal_connect (G_OBJECT (window), "destroy", G_CALLBACK (gtk_main_quit), NULL);
	gtk_window_set_title (GTK_WINDOW (window), ":: cryptoloop test ::");
	gtk_container_set_border_width (GTK_CONTAINER (window), 5);
	
	hbox = gtk_hbox_new (FALSE, 5);
	label = gtk_label_new ("Password: ");
	entry = gtk_entry_new ();
	gtk_entry_set_visibility (GTK_ENTRY (entry), FALSE);
	gtk_entry_set_activates_default (GTK_ENTRY (entry), TRUE);
	btn = gtk_button_new_from_stock (GTK_STOCK_OK);
	GTK_WIDGET_SET_FLAGS (GTK_WIDGET (btn), GTK_CAN_DEFAULT);
	gtk_window_set_default (GTK_WINDOW (window), GTK_WIDGET (btn));
	g_signal_connect(G_OBJECT(btn), "clicked", G_CALLBACK (OnButtonClicked), GTK_WIDGET (entry));
	
	gtk_container_add (GTK_CONTAINER (hbox), label);
	gtk_container_add (GTK_CONTAINER (hbox), entry);
	gtk_container_add (GTK_CONTAINER (hbox), btn);
	gtk_container_add (GTK_CONTAINER (window), hbox);

	gtk_widget_show_all (window);
}

int main(int argc, char *argv[])
{
	gtk_init (&argc, &argv);
	create_gui();
	gtk_main();
	
	return 0;
}


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]