List: kde-commits
Subject: KDE/kdebase/runtime/kwalletd
From: Michael Leupold <lemma () confuego ! org>
Date: 2009-11-25 18:47:57
Message-ID: 1259174877.064044.14129.nullmailer () svn ! kde ! org
SVN commit 1054213 by mleupold:
Add a method to open a wallet with a pre-hashed password. This is meant to be used in
conjunction with a PAM plugin (released separately).
M +20 -1 backend/kwalletbackend.cc
M +10 -1 backend/kwalletbackend.h
M +53 -5 kwalletd.cpp
M +6 -0 kwalletd.h
--- trunk/KDE/kdebase/runtime/kwalletd/backend/kwalletbackend.cc #1054212:1054213
@@ -310,13 +310,31 @@
int Backend::open(const QByteArray& password) {
-
if (_open) {
return -255; // already open
}
setPassword(password);
+ return openInternal();
+}
+int Backend::openPreHashed(const QByteArray &passwordHash)
+{
+ if (_open) {
+ return -255; // already open
+ }
+
+ // check the password hash for correct size (currently fixed)
+ if (passwordHash.size() != 20) {
+ return -42; // unsupported encryption scheme
+ }
+
+ _passhash = passwordHash;
+ return openInternal();
+}
+
+int Backend::openInternal()
+{
// No wallet existed. Let's create it.
// Note: 60 bytes is presently the minimum size of a wallet file.
// Anything smaller is junk and should be deleted.
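Review bot: The length check in `openPreHashed` hard-codes `20`, while the tail of `setPassword` visible in the next hunk sizes `_passhash` from `bf.keyLen()/8`; if `password2hash` can produce a hash of any other length, a wallet saved through `open()` could not be reopened through this path. Name the constant and say where it comes from, for example `static const int PreHashedSize = 20; // must match the length password2hash() produces`, and confirm the two agree. Returning `-42` ("unsupported encryption scheme") for a wrong-sized argument also makes bad caller input indistinguishable from a real scheme mismatch. The body of `openInternal` continues outside the hunk, so whether `_passhash` is cleared on failure, as the header comment promises, cannot be checked from here.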
@@ -882,3 +900,4 @@
_passhash.resize(bf.keyLen()/8);
password2hash(password, _passhash);
}
+
--- trunk/KDE/kdebase/runtime/kwalletd/backend/kwalletbackend.h #1054212:1054213
@@ -71,6 +71,11 @@
// If opening succeeds, the password's hash will be remembered.
// If opening fails, the password's hash will be cleared.
int open(const QByteArray& password);
+
+ // Open and unlock the wallet using a pre-hashed password.
+ // If opening succeeds, the password's hash will be remembered.
+ // If opening fails, the password's hash will be cleared.
+ int openPreHashed(const QByteArray &passwordHash);
// Close the wallet, losing any changes.
// if save is true, the wallet is saved prior to closing it.
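Review bot: The new comment on `openPreHashed` does not say what a valid hash looks like, although the implementation rejects anything that is not exactly 20 bytes with `-42`. Because the hash unlocks the wallet just as the password does, the contract is worth stating at the declaration: `// passwordHash must be exactly 20 bytes (the only size currently accepted); other sizes return -42.` and `// The hash is password-equivalent and must be handled like the password itself.`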
@@ -128,7 +133,7 @@
// Set the password used for opening/closing the wallet.
// This does not sync the wallet to disk!
void setPassword(const QByteArray &password);
-
+
int ref() { return ++_ref; }
int deref();
@@ -159,6 +164,10 @@
typedef QMap<MD5Digest, QList<MD5Digest> > HashMap;
HashMap _hashes;
QByteArray _passhash; // password hash used for saving the wallet
+
+ // open the wallet with the password already set. This is
+ // called internally by both open and openPreHashed.
+ int openInternal();
};
}
--- trunk/KDE/kdebase/runtime/kwalletd/kwalletd.cpp #1054212:1054213
@@ -161,14 +161,14 @@
return qMakePair(-1, static_cast<KWallet::Backend*>(0));
}
+bool KWalletD::_processing = false;
+
void KWalletD::processTransactions() {
- static bool processing = false;
-
- if (processing) {
+ if (_processing) {
return;
}
- processing = true;
+ _processing = true;
// Process remaining transactions
while (!_transactions.isEmpty()) {
@@ -233,7 +233,7 @@
_curtrans = 0;
}
- processing = false;
+ _processing = false;
}
@@ -1458,4 +1458,52 @@
}
}
+int KWalletD::pamOpen(const QString &wallet, const QByteArray &passwordHash, int \
sessionTimeout)
+{
+ // don't do anything if transactions are already being processed!
+ if (_processing) {
+ return -1;
+ }
+
+ // check if the wallet is already open
+ QPair<int, KWallet::Backend*> walletInfo = findWallet(wallet);
+ int rc = walletInfo.first;
+ if (rc == -1) {
+ if (_wallets.count() > 20) {
+ kDebug() << "Too many wallets open.";
+ return -1;
+ }
+
+ if (!QRegExp("^[\\w\\^\\&\\'\\@\\{\\}\\[\\]\\,\\$\\=\\!\\-\\#\\(\\)\\%\\.\\+\\_\\s]+$").exactMatch(wallet) \
||
+ !KWallet::Backend::exists(wallet)) {
+ return -1;
+ }
+
+ KWallet::Backend *b = new KWallet::Backend(wallet);
+ int openrc = b->openPreHashed(passwordHash);
+ if (openrc == 0 && b->isOpen()) {
+ // opening the wallet was successful
+ int handle = generateHandle();
+ _wallets.insert(handle, b);
+ _syncTimers.addTimer(handle, _syncTime);
+
+ // don't reference the wallet or add a session so it
+ // can be reclosed easily.
+
+ if (sessionTimeout > 0) {
+ _closeTimers.addTimer(handle, sessionTimeout);
+ } else if (_closeIdle) {
+ _closeTimers.addTimer(handle, _idleTime);
+ }
+ emit walletOpened(wallet);
+ if (_wallets.count() == 1 && _launchManager) {
+ KToolInvocation::startServiceByDesktopName("kwalletmanager-kwalletd");
+ }
+ return handle;
+ }
+ }
+
+ return -1;
+}
+
#include "kwalletd.moc"
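Review bot: In `pamOpen`, the `Backend` allocated with `new KWallet::Backend(wallet)` is never freed when `openPreHashed` fails or `isOpen()` is false: control leaves the `if (openrc == 0 && b->isOpen())` block and reaches `return -1` with `b` still allocated. Besides the leak, `openPreHashed` may already have copied the caller's hash into `_passhash`, so a password-equivalent value can stay on the heap after each failed attempt (unless `openInternal`, whose body is not shown, clears it). Release the object on that path, e.g. `} else { delete b; }`. The failure path is also silent; a `kDebug()` line carrying the wallet name and `openrc` (never the hash) would make repeated failed unlock attempts visible.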
--- trunk/KDE/kdebase/runtime/kwalletd/kwalletd.h #1054212:1054213
@@ -154,6 +154,11 @@
QString localWallet();
void screenSaverChanged(bool);
+
+ // Open a wallet using a pre-hashed password. This is only useful in \
cooperation
+ // with the kwallet PAM module. It's also less secure than \
manually entering the
+ // password as the password hash is transmitted using \
D-Bus.
+ int pamOpen(const QString &wallet, const QByteArray &passwordHash, int \
sessionTimeout);
Q_SIGNALS:
void walletAsyncOpened(int id, int handle); // used to notify KWallet::Wallet
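Review bot: The comment admits the hash travels over D-Bus, but nothing in this declaration or in the `pamOpen` body restricts who may call it, and the access section this line sits in starts outside the hunk. If the method ends up exported, any bus client that knows the hash can unlock a wallet without the password dialog and is handed a wallet handle. State the intended caller and the trust assumption at the declaration, e.g. `// Intended caller: the kwallet PAM module only. The hash is password-equivalent; treat it as a secret.`, and either confirm the method is not reachable by arbitrary clients or add a caller check in `pamOpen`.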
@@ -222,6 +227,7 @@
KTimeout _closeTimers;
KTimeout _syncTimers;
const int _syncTime;
+ static bool _processing;
KWalletTransaction *_curtrans; // current transaction
QList<KWalletTransaction*> _transactions;