author | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2015-09-29 15:07:45 -0500 |
---|---|---|
committer | Timothy Pearson <kb9vqf@pearsoncomputing.net> | 2015-09-29 15:07:45 -0500 |
commit | 5fb3200dbf531059c194b96ec2cea8376ca941df (patch) | |
tree | f519171680d0a869f3d6d49647ec704707c74fb5 /src | |
parent | d660c1aa59da4bd75238921631712568db1aa4ca (diff) | |
Allow Kerberos ticket init via cryptographic card
Diffstat (limited to 'src')
-rw-r--r-- | src/toplevel.cpp | 42 |
1 files changed, 41 insertions, 1 deletions
diff --git a/src/toplevel.cpp b/src/toplevel.cpp
index 6442a78..abbff54 100644
--- a/src/toplevel.cpp
+++ b/src/toplevel.cpp
@@ -54,6 +54,11 @@
 #include <klineeditdlg.h>
 #include <libtdeldap.h>
+#include <ksslcertificate.h>
+
+#include <tdehardwaredevices.h>
+#include <tdecryptographiccarddevice.h>
+
 #include "configdlg.h"
 #include "toplevel.h"
@@ -89,6 +94,15 @@ TopLevel::TopLevel() : KSystemTray(), ticketWatch(0), m_refreshTimer(0), m_reque
 menu->insertItem(SmallIcon("help"), i18n("&Help"), helpMnu);
 menu->insertItem(SmallIcon("system-log-out"), i18n("Quit"), kapp, TQT_SLOT(quit()));
+ // Set up card monitoring
+ TDEGenericDevice *hwdevice;
+ TDEHardwareDevices *hwdevices = TDEGlobal::hardwareDevices();
+ TDEGenericHardwareList cardReaderList = hwdevices->listByDeviceClass(TDEGenericDeviceType::CryptographicCard);
+ for (hwdevice = cardReaderList.first(); hwdevice; hwdevice = cardReaderList.next()) {
+ TDECryptographicCardDevice* cdevice = static_cast<TDECryptographicCardDevice*>(hwdevice);
+ cdevice->enableCardMonitoring(true);
+ }
+
 load();
 updateTicketList();
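Review bot: The card-reader enumeration added to the TopLevel constructor runs once, so a reader attached after the tray starts would not get `enableCardMonitoring(true)` unless a hardware-added handler elsewhere covers it; none is visible in this hunk. The loop also `static_cast`s every list entry to `TDECryptographicCardDevice*` and dereferences `hwdevices` without a null check; a comment such as `// listByDeviceClass(CryptographicCard) only returns TDECryptographicCardDevice objects` would document why the unchecked cast is safe. The same enumeration is repeated in getNewTicket, so a small private helper would keep the two copies in step. The constructor body continues outside the hunk.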
@@ -219,6 +233,32 @@ void TopLevel::updateMenu() {
 }
 void TopLevel::getNewTicket(bool requestServiceTicket) {
+ bool allow_card = false;
+ TDEGenericDevice *hwdevice;
+ TDEHardwareDevices *hwdevices = TDEGlobal::hardwareDevices();
+ TDEGenericHardwareList cardReaderList = hwdevices->listByDeviceClass(TDEGenericDeviceType::CryptographicCard);
+ for (hwdevice = cardReaderList.first(); hwdevice; hwdevice = cardReaderList.next()) {
+ TDECryptographicCardDevice* cdevice = static_cast<TDECryptographicCardDevice*>(hwdevice);
+ TQString login_name = TQString::null;
+ X509CertificatePtrList certList = cdevice->cardX509Certificates();
+ if (certList.count() > 0) {
+ KSSLCertificate* card_cert = NULL;
+ card_cert = KSSLCertificate::fromX509(certList[0]);
+ TQStringList cert_subject_parts = TQStringList::split("/", card_cert->getSubject(), false);
+ for (TQStringList::Iterator it = cert_subject_parts.begin(); it != cert_subject_parts.end(); ++it ) {
+ TQString lcpart = (*it).lower();
+ if (lcpart.startsWith("cn=")) {
+ login_name = lcpart.right(lcpart.length() - strlen("cn="));
+ }
+ }
+ delete card_cert;
+ }
+ if (login_name != "") {
+ allow_card = true;
+ break;
+ }
+ }
+
 LDAPCredentials credentials;
 if (m_ticketList.count() > 0) {
 TQStringList princParts = TQStringList::split("@", m_ticketList[0].cachePrincipal);
@@ -231,7 +271,7 @@ void TopLevel::getNewTicket(bool requestServiceTicket) {
 credentials.username = TQString(pwd->pw_name);
 }
 }
- int result = LDAPManager::getKerberosPassword(credentials, i18n("Please provide Kerberos credentials"), requestServiceTicket, this);
+ int result = LDAPManager::getKerberosPassword(credentials, i18n("Please provide Kerberos credentials"), requestServiceTicket, allow_card, this);
 if (result == KDialog::Accepted) {
 TQString errorstring;
 TQString service; |
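Review bot: In the block added at the top of getNewTicket, `card_cert->getSubject()` is called on the result of `KSSLCertificate::fromX509(certList[0])` with no null check, so a certificate that cannot be wrapped would crash the tray if fromX509 can return NULL; add `if (!card_cert) continue;` right after the fromX509 call. The extracted CN is used only as a non-empty test and only `certList[0]` is examined, so `allow_card` means "a card carrying some certificate with a CN is inserted", not that the certificate is valid or belongs to the user being logged in. Presumably the actual verification happens in the Kerberos exchange behind getKerberosPassword; a comment such as `// allow_card only enables the card option; the certificate is not validated here` would keep later readers from treating it as an authentication decision. Splitting the subject on "/" also misparses a CN that itself contains a slash, which matters if login_name is ever used for more than this test. The function body continues outside the hunk.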