diff options
-rw-r--r-- | kdesktop/lock/sakdlg.cc | 4 | ||||
-rw-r--r-- | kdesktop/lock/securedlg.cc | 2 | ||||
-rw-r--r-- | kdm/config.def | 10 | ||||
-rw-r--r-- | kdm/kfrontend/CMakeLists.txt | 2 | ||||
-rw-r--r-- | kdm/kfrontend/kfdialog.cpp | 12 | ||||
-rw-r--r-- | kdm/kfrontend/kfdialog.h | 1 | ||||
-rw-r--r-- | kdm/kfrontend/kgapp.cpp | 15 | ||||
-rw-r--r-- | kdm/kfrontend/sakdlg.cc | 152 | ||||
-rw-r--r-- | kdm/kfrontend/sakdlg.h | 58 | ||||
-rw-r--r-- | kdmlib/kdmtsak.h | 5 |
10 files changed, 251 insertions, 10 deletions
diff --git a/kdesktop/lock/sakdlg.cc b/kdesktop/lock/sakdlg.cc index 1647fb527..8b00e5408 100644 --- a/kdesktop/lock/sakdlg.cc +++ b/kdesktop/lock/sakdlg.cc @@ -96,8 +96,8 @@ SAKDlg::SAKDlg(LockProcess *parent) layStatus->addWidget( mStatusLabel ); frameLayout = new TQGridLayout( frame, 1, 1, KDialog::marginHint(), KDialog::spacingHint() ); - frameLayout->addMultiCellWidget( theader, 0, 0, 0, 1, Qt::AlignTop | AlignHCenter ); - frameLayout->addMultiCellLayout( layStatus, 1, 1, 0, 1, AlignHCenter | AlignVCenter); + frameLayout->addMultiCellWidget( theader, 0, 0, 0, 1, AlignTop | AlignLeft ); + frameLayout->addMultiCellLayout( layStatus, 1, 1, 0, 1, AlignLeft | AlignVCenter); mStatusLabel->setText("<b>" + i18n("Press Ctrl+Alt+Del to begin.") + "</b><p>" + i18n("This process helps keep your password secure.") + "<br>" + i18n("It prevents unauthorized users from emulating the login screen.")); diff --git a/kdesktop/lock/securedlg.cc b/kdesktop/lock/securedlg.cc index bdebf4e13..6d6b6c3a0 100644 --- a/kdesktop/lock/securedlg.cc +++ b/kdesktop/lock/securedlg.cc @@ -118,7 +118,7 @@ SecureDlg::SecureDlg(LockProcess *parent) layPBRow1->addWidget( mCancelButton ); frameLayout = new TQGridLayout( frame, 1, 1, KDialog::marginHint(), KDialog::spacingHint() ); - frameLayout->addMultiCellWidget( theader, 0, 0, 0, 1, Qt::AlignTop | AlignLeft ); + frameLayout->addMultiCellWidget( theader, 0, 0, 0, 1, AlignTop | AlignLeft ); frameLayout->addMultiCellLayout( layStatus, 1, 1, 0, 1, AlignLeft | AlignVCenter); frameLayout->addMultiCellWidget( sep, 2, 2, 0, 1 ); frameLayout->addMultiCellLayout( layPBRow1, 3, 3, 0, 1, AlignLeft | AlignVCenter); diff --git a/kdm/config.def b/kdm/config.def index c7388471f..43e7f5971 100644 --- a/kdm/config.def +++ b/kdm/config.def @@ -2006,6 +2006,16 @@ Comment: Description: Specify the Xorg window manager. Currently only kwin is supported. +Key: UseSAK +Type: bool +Default: true +User: greeter +Instance: #*/! +Comment: + SAK +Description: + If true then the SAK anti-spoofing dialog will be utilized + Key: UseAdminSession Type: bool Default: false diff --git a/kdm/kfrontend/CMakeLists.txt b/kdm/kfrontend/CMakeLists.txt index 22e017e46..aaff8085d 100644 --- a/kdm/kfrontend/CMakeLists.txt +++ b/kdm/kfrontend/CMakeLists.txt @@ -63,7 +63,7 @@ tde_add_executable( kdm_greet AUTOMOC kdm_greet.c kdmconfig.cpp kdmclock.cpp kconsole.cpp kfdialog.cpp kgdialog.cpp kchooser.cpp kgverify.cpp kdmshutdown.cpp kdmadmindialog.cpp kgreeter.cpp - kgapp.cpp + kgapp.cpp sakdlg.cc LINK kdmthemer-static kdeui-shared Xtst krandr-shared DESTINATION ${BIN_INSTALL_DIR} ) diff --git a/kdm/kfrontend/kfdialog.cpp b/kdm/kfrontend/kfdialog.cpp index 3d790f9f2..b834ca450 100644 --- a/kdm/kfrontend/kfdialog.cpp +++ b/kdm/kfrontend/kfdialog.cpp @@ -61,7 +61,7 @@ FDialog::FDialog( TQWidget *parent, bool framed ) } else winFrame = 0; - setCaption(i18n("Trinity Desktop Environment")); + setCaption(KDM_LOGIN_SCREEN_BASE_TITLE); if (framed) { if (m_wmTitle) setFixedSize(sizeHint()); @@ -158,11 +158,11 @@ FDialog::box( TQWidget *parent, TQMessageBox::Icon type, const TQString &text ) KFMsgBox::KFMsgBox( TQWidget *parent, TQMessageBox::Icon type, const TQString &text ) : inherited( parent, !is_themed ) { - if (type == TQMessageBox::NoIcon) setCaption(i18n("TDE")); - if (type == TQMessageBox::Question) setCaption(i18n("TDE") + " - " + i18n("Question")); - if (type == TQMessageBox::Information) setCaption(i18n("TDE") + " - " + i18n("Information")); - if (type == TQMessageBox::Warning) setCaption(i18n("TDE") + " - " + i18n("Warning")); - if (type == TQMessageBox::Critical) setCaption(i18n("TDE") + " - " + i18n("Error")); + if (type == TQMessageBox::NoIcon) setCaption(KDM_LOGIN_SCREEN_BASE_TITLE); + if (type == TQMessageBox::Question) setCaption(KDM_LOGIN_SCREEN_BASE_TITLE + " - " + i18n("Question")); + if (type == TQMessageBox::Information) setCaption(KDM_LOGIN_SCREEN_BASE_TITLE + " - " + i18n("Information")); + if (type == TQMessageBox::Warning) setCaption(KDM_LOGIN_SCREEN_BASE_TITLE + " - " + i18n("Warning")); + if (type == TQMessageBox::Critical) setCaption(KDM_LOGIN_SCREEN_BASE_TITLE + " - " + i18n("Error")); TQLabel *label1 = new TQLabel( this ); label1->setPixmap( TQMessageBox::standardIcon( type ) ); diff --git a/kdm/kfrontend/kfdialog.h b/kdm/kfrontend/kfdialog.h index d433594a4..3537c7b57 100644 --- a/kdm/kfrontend/kfdialog.h +++ b/kdm/kfrontend/kfdialog.h @@ -22,6 +22,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ +#define KDM_LOGIN_SCREEN_BASE_TITLE i18n("Login to TDE") #ifndef FDIALOG_H #define FDIALOG_H diff --git a/kdm/kfrontend/kgapp.cpp b/kdm/kfrontend/kgapp.cpp index 0aaaa6e9b..ac99a4bc3 100644 --- a/kdm/kfrontend/kgapp.cpp +++ b/kdm/kfrontend/kgapp.cpp @@ -32,6 +32,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. #ifdef XDMCP # include "kchooser.h" #endif +#include "sakdlg.h" #include <kprocess.h> #include <kcmdlineargs.h> @@ -65,6 +66,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. bool argb_visual_available = false; bool has_kwin = false; bool is_themed = false; +bool trinity_desktop_lock_use_sak = TRUE; static int ignoreXError( Display *dpy ATTR_UNUSED, XErrorEvent *event ATTR_UNUSED ) @@ -164,6 +166,15 @@ xIOErr( Display * ) //KSimpleConfig *iccconfig; void +checkSAK(GreeterApp* app) +{ + app->restoreOverrideCursor(); + SAKDlg sak(0); + sak.exec(); + app->setOverrideCursor( Qt::WaitCursor ); +} + +void kg_main( const char *argv0 ) { static char *argv[] = { (char *)"kdmgreet", 0 }; @@ -287,6 +298,8 @@ kg_main( const char *argv0 ) has_kwin = true; } + trinity_desktop_lock_use_sak = _useSAK; + GSendInt( G_Ready ); kdDebug() << timestamp() << " main1" << endl; @@ -338,6 +351,7 @@ kg_main( const char *argv0 ) if (!tgrt->isOK()) { is_themed = false; delete tgrt; + checkSAK(app); dialog = new KStdGreeter; dialog->move(dialog->x() + primaryScreenPosition.x(), dialog->y() + primaryScreenPosition.y()); } @@ -346,6 +360,7 @@ kg_main( const char *argv0 ) } XSetErrorHandler( (XErrorHandler)0 ); } else { + checkSAK(app); dialog = new KStdGreeter; dialog->move(dialog->x() + primaryScreenPosition.x(), dialog->y() + primaryScreenPosition.y()); } diff --git a/kdm/kfrontend/sakdlg.cc b/kdm/kfrontend/sakdlg.cc new file mode 100644 index 000000000..1f49bcf79 --- /dev/null +++ b/kdm/kfrontend/sakdlg.cc @@ -0,0 +1,152 @@ +//=========================================================================== +// +// This file is part of the KDE project +// +// Copyright (c) 2010-2011 Timothy Pearson <kb9vqf@pearsoncomputing.net> + +#include <config.h> + +#include "sakdlg.h" + +#include <dmctl.h> + +#include <kapplication.h> +#include <klocale.h> +#include <kpushbutton.h> +#include <kseparator.h> +#include <kstandarddirs.h> +#include <kglobalsettings.h> +#include <kconfig.h> +#include <kiconloader.h> +#include <kdesu/defaults.h> +#include <kpassdlg.h> +#include <kdebug.h> +#include <kuser.h> +#include <dcopref.h> +#include <kmessagebox.h> +#include <kdialog.h> + +#include <tqlayout.h> +#include <tqpushbutton.h> +#include <tqmessagebox.h> +#include <tqsimplerichtext.h> +#include <tqlabel.h> +#include <tqstringlist.h> +#include <tqfontmetrics.h> +#include <tqstyle.h> +#include <tqapplication.h> +#include <tqlistview.h> +#include <tqheader.h> +#include <tqcheckbox.h> + +#include <ctype.h> +#include <unistd.h> +#include <stdlib.h> +#include <errno.h> +#include <pwd.h> +#include <sys/types.h> +#include <sys/socket.h> + +#include <X11/Xutil.h> +#include <X11/keysym.h> +#include <X11/Xatom.h> +#include <fixx11h.h> + +#include "kfdialog.h" + +#ifndef AF_LOCAL +# define AF_LOCAL AF_UNIX +#endif + +bool trinity_desktop_lock_use_system_modal_dialogs = TRUE; +extern bool trinity_desktop_lock_use_sak; + +//=========================================================================== +// +// Simple dialog for displaying an unlock status or recurring error message +// +SAKDlg::SAKDlg(TQWidget *parent) + : TQDialog(parent, "information dialog", true, (trinity_desktop_lock_use_system_modal_dialogs?((WFlags)WStyle_StaysOnTop):((WFlags)WX11BypassWM))), + mUnlockingFailed(false) +{ + if (trinity_desktop_lock_use_system_modal_dialogs) { + // Signal that we do not want any window controls to be shown at all + Atom kde_wm_system_modal_notification; + kde_wm_system_modal_notification = XInternAtom(qt_xdisplay(), "_KDE_WM_MODAL_SYS_NOTIFICATION", False); + XChangeProperty(qt_xdisplay(), winId(), kde_wm_system_modal_notification, XA_INTEGER, 32, PropModeReplace, (unsigned char *) "TRUE", 1L); + } + setCaption(KDM_LOGIN_SCREEN_BASE_TITLE); + + frame = new TQFrame( this ); + if (trinity_desktop_lock_use_system_modal_dialogs) + frame->setFrameStyle( TQFrame::NoFrame ); + else + frame->setFrameStyle( TQFrame::Panel | TQFrame::Raised ); + frame->setLineWidth( 2 ); + + KSMModalDialogHeader* theader = new KSMModalDialogHeader( frame ); + + KUser user; + + mStatusLabel = new TQLabel( "<b> </b>", frame ); + mStatusLabel->tqsetAlignment( TQLabel::AlignVCenter ); + + TQVBoxLayout *unlockDialogLayout = new TQVBoxLayout( this ); + unlockDialogLayout->addWidget( frame ); + + TQHBoxLayout *layStatus = new TQHBoxLayout( 0, 0, KDialog::spacingHint()); + layStatus->addWidget( mStatusLabel ); + + frameLayout = new TQGridLayout( frame, 1, 1, KDialog::marginHint(), KDialog::spacingHint() ); + frameLayout->addMultiCellWidget( theader, 0, 0, 0, 1, AlignTop | AlignLeft ); + frameLayout->addMultiCellLayout( layStatus, 1, 1, 0, 1, AlignLeft | AlignVCenter); + + mStatusLabel->setText("<b>" + i18n("Press Ctrl+Alt+Del to begin.") + "</b><p>" + i18n("This process helps keep your password secure.") + "<br>" + i18n("It prevents unauthorized users from emulating the login screen.")); + + installEventFilter(this); + + mSAKProcess = new KProcess; + *mSAKProcess << "kdmtsak"; + connect(mSAKProcess, TQT_SIGNAL(processExited(KProcess*)), this, TQT_SLOT(slotSAKProcessExited())); + mSAKProcess->start(); +} + +void SAKDlg::slotSAKProcessExited() +{ + int retcode = mSAKProcess->exitStatus(); + if (retcode != 0) trinity_desktop_lock_use_sak = false; + hide(); +} + +SAKDlg::~SAKDlg() +{ + if ((mSAKProcess) && (mSAKProcess->isRunning())) { + mSAKProcess->kill(SIGTERM); + delete mSAKProcess; + } + hide(); +} + +void SAKDlg::closeDialogForced() +{ + TQDialog::reject(); +} + +void SAKDlg::reject() +{ + +} + +void SAKDlg::updateLabel(TQString &txt) +{ + mStatusLabel->setPaletteForegroundColor(Qt::black); + mStatusLabel->setText("<b>" + txt + "</b>"); +} + +void SAKDlg::show() +{ + TQDialog::show(); + TQApplication::flushX(); +} + +#include "sakdlg.moc" diff --git a/kdm/kfrontend/sakdlg.h b/kdm/kfrontend/sakdlg.h new file mode 100644 index 000000000..d94322f79 --- /dev/null +++ b/kdm/kfrontend/sakdlg.h @@ -0,0 +1,58 @@ +//=========================================================================== +// +// This file is part of the KDE project +// +// Copyright (c) 2010 Timothy Pearson <kb9vqf@pearsoncomputing.net> +// + +#ifndef __SAKDLG_H__ +#define __SAKDLG_H__ + +#include <tqdialog.h> +#include <tqstringlist.h> + +#include <kprocess.h> + +class TQFrame; +class TQGridLayout; +class TQLabel; +class KPushButton; +class TQListView; + +//=========================================================================== +// +// Simple dialog for displaying an info message. +// It does not handle password validation. +// +class SAKDlg : public TQDialog +{ + Q_OBJECT + +public: + SAKDlg(TQWidget *parent); + ~SAKDlg(); + virtual void show(); + + void updateLabel( TQString &txt ); + void closeDialogForced(); + +private slots: + void slotSAKProcessExited(); + +protected slots: + virtual void reject(); + +private: + TQFrame *frame; + TQGridLayout *frameLayout; + TQLabel *mStatusLabel; + int mCapsLocked; + bool mUnlockingFailed; + TQStringList layoutsList; + TQStringList::iterator currLayout; + int sPid, sFd; + KProcess* mSAKProcess; +}; + +#endif + diff --git a/kdmlib/kdmtsak.h b/kdmlib/kdmtsak.h index 21b2f85c7..c9664ae34 100644 --- a/kdmlib/kdmtsak.h +++ b/kdmlib/kdmtsak.h @@ -43,6 +43,11 @@ inline int tde_sak_verify_calling_process() { bool authorized = false; + // Root always has access to everything... + if (getuid() == 0) { + return 0; + } + pid_t parentproc = getppid(); #ifdef DEBUG printf("Parent pid is: %d\n\r", parentproc); |