--===============1552512744==
Content-Type: multipart/signed;
boundary="nextPart1924589.x0u0YTKAqW";
protocol="application/pgp-signature";
micalg=pgp-sha1
Content-Transfer-Encoding: 7bit
--nextPart1924589.x0u0YTKAqW
Content-Type: multipart/mixed;
boundary="Boundary-01=_wRxGKAqobnBJjPt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--Boundary-01=_wRxGKAqobnBJjPt
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
On Sunday 24 May 2009 00:39:33 Michael Leupold wrote:
> Pierre wrote:
> > On Wednesday 29 April 2009 18:58:40 Herbert Graeber wrote:
> >> Am Mittwoch 29 April 2009 03:47:46 schrieb John Tapsell:
> >> > Has any progress been made on the pam+kwallet front? There seem to
> >> > be patches floating about (e.g.
> >> > http://kubuntuforums.net/forums/index.php?topic=3D3091705.0 ) but I=
'm
> >> > guessing that they haven't been integrated into our svn ?
> >>
> >> For KDE there has been a openSUSE package named pam_kwallet for this. =
It
> >> depends on a patch to the kwallet daemon, to open a wallet with a
> >> password given a parameter via dcop (function tryOpen). It would be ea=
sy
> >> to port pam_kwallet to KDE when a similar patch has been made for KDE4=
's
> >> kwallet daemon.
> >
> > If you're interested, I've got a port of this to KDE4 available on my
> > hard drive...
> > It does add a DBus tryOpen call in kwalletd. I ported the "kwalletclien=
t"
> > from pam_kwallet to use dbus too. I only have to try it, but I'm too la=
zy
> > to do it right now (and I'll be AFK for one day or two..)
> > I'll send the patches in a few days.
>
> Could you please post it to the list? As many users are asking for it we
> might as well put it into 4.4. I guess marking it as "PAM module only" and
> not exposing it in our API should be enough to make it clear that this
> isn't supposed to be used in regular programs. Of course it should be
> documented that sending the (hashed?) password over D-Bus is inherently
> less secure than entering it manually.
Hi
I didn't look at a way to send the password hashed. It seems to be quite ea=
sy to=20
implement, I'll try to do that in a future version of the patch.
The attached patchs for kdelibs and kdebase-runtime implement the DBus call.
The kwalletclient part will be sent as soon as it has been tested and fixed=
=2E..=20
So far, that part doesn't seem to work, but I may have done something wrong=
on=20
my testing system, and I had a huge unplanned event friday (a car crash) th=
at=20
removed me a lot of free time...
Pierre
--Boundary-01=_wRxGKAqobnBJjPt
Content-Type: text/x-patch;
charset="utf-8";
name="kdelibs.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename="kdelibs.patch"
diff -Naur kdelibs-4.2.3-orig/kdeui/util/org.kde.KWallet.xml kdelibs-4.2.3/kdeui/util/org.kde.KWallet.xml
--- kdelibs-4.2.3-orig/kdeui/util/org.kde.KWallet.xml 2008-11-12 17:38:30.000000000 +0100
+++ kdelibs-4.2.3/kdeui/util/org.kde.KWallet.xml 2009-05-21 23:02:12.000000000 +0200
@@ -38,6 +38,11 @@
+
+
+
+
+
--Boundary-01=_wRxGKAqobnBJjPt
Content-Type: text/x-patch;
charset="utf-8";
name="kdebase-runtime.patch"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
filename="kdebase-runtime.patch"
diff -Naur kdebase-runtime-4.2.3-orig/kwalletd/kwalletd.cpp kdebase-runtime=
=2D4.2.3/kwalletd/kwalletd.cpp
=2D-- kdebase-runtime-4.2.3-orig/kwalletd/kwalletd.cpp 2009-02-26 15:16:05.=
000000000 +0100
+++ kdebase-runtime-4.2.3/kwalletd/kwalletd.cpp 2009-05-24 13:42:07.0000000=
00 +0200
@@ -397,6 +397,46 @@
return rc;
}
=20
+bool KWalletD::tryOpen (const QString& wallet, const QString& password) {
+ const QPair walletInfo =3D findWallet(wallet);
+ int rc =3D walletInfo.first;
+ if (rc =3D=3D -1) {
+ if (_wallets.count() > 20) {
+ kDebug() << "Too many wallets open.";
+ return false;
+ }
+ =09
+ KWallet::Backend *b =3D new KWallet::Backend(wallet);
+ if (KWallet::Backend::exists(wallet)) {
+ int pwless =3D b->open(QByteArray());
+ if (0 !=3D pwless || !b->isOpen()) {
+ if (pwless =3D=3D 0) {
+ // release, start anew
+ delete b;
+ b =3D new KWallet::Backend(wallet);
+ }
+ b->open(password.toUtf8());
+ if (!b->isOpen()) {
+ delete b;
+ return false;
+ }
+ }
+ _wallets.insert(rc =3D generateHandle(), b);
+ _syncTimers.addTimer(rc, _syncTime);
+ =09
+ b->ref();
+ if (_closeIdle) {
+ _closeTimers.addTimer(rc, _idleTime);
+ }
+ emit walletOpened(wallet);
+ if (_wallets.count() =3D=3D 1 && _launchManager) {
+ KToolInvocation::startServiceByDesktopName("kwalletmanager-kwalletd");
+ }
+ return true;
+ }
+ }
+ return false;
+}
=20
int KWalletD::internalOpen(const QString& appid, const QString& wallet, bo=
ol isPath, WId w,
bool modal, const QString& service) {
diff -Naur kdebase-runtime-4.2.3-orig/kwalletd/kwalletd.h kdebase-runtime-4=
=2E2.3/kwalletd/kwalletd.h
=2D-- kdebase-runtime-4.2.3-orig/kwalletd/kwalletd.h 2008-11-19 11:17:51.00=
0000000 +0100
+++ kdebase-runtime-4.2.3/kwalletd/kwalletd.h 2009-05-24 13:42:08.000000000=
+0200
@@ -65,6 +65,9 @@
int openAsync(const QString& wallet, qlonglong wId, const QString& appid,
bool handleSession);
=20
+ // Try to open a wallet with the given password
+ bool tryOpen(const QString& wallet, const QString& password);
+
// Open and unlock the wallet with this path asynchronously
int openPathAsync(const QString& path, qlonglong wId, const QString& app=
id,
bool handleSession);
--Boundary-01=_wRxGKAqobnBJjPt--
--nextPart1924589.x0u0YTKAqW
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEABECAAYFAkobFHAACgkQZA1EFZCdHVtWHQCdFAH0ie+fwHq0pdQJagvbXXah
XucAnighhSYvpOMV7BH5PonnSmrywcAR
=lrV6
-----END PGP SIGNATURE-----
--nextPart1924589.x0u0YTKAqW--
--===============1552512744==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
--===============1552512744==--