summaryrefslogtreecommitdiffstats
path: root/kdm
diff options
context:
space:
mode:
Diffstat (limited to 'kdm')
-rw-r--r--kdm/kfrontend/kgreeter.cpp100
-rw-r--r--kdm/kfrontend/kgreeter.h8
-rw-r--r--kdm/kfrontend/kgverify.cpp7
-rw-r--r--kdm/kfrontend/kgverify.h1
-rw-r--r--kdm/kfrontend/sakdlg.cc97
-rw-r--r--kdm/kfrontend/sakdlg.h6
6 files changed, 218 insertions, 1 deletions
diff --git a/kdm/kfrontend/kgreeter.cpp b/kdm/kfrontend/kgreeter.cpp
index fd4f07d96..0a476d2b9 100644
--- a/kdm/kfrontend/kgreeter.cpp
+++ b/kdm/kfrontend/kgreeter.cpp
@@ -71,8 +71,25 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#include <utmp.h>
#include <utmpx.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <errno.h>
+#include <limits.h>
+#include <dirent.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/select.h>
+#include <sys/time.h>
+#include <termios.h>
+#include <signal.h>
+
#include <X11/Xlib.h>
+#define FIFO_DIR "/tmp/ksocket-global/kdm"
+#define FIFO_FILE "/tmp/ksocket-global/kdm/kdmctl-%1"
+#define FIFO_SAK_FILE "/tmp/ksocket-global/kdm/kdmctl-sak-%1"
+
class UserListView : public KListView {
public:
UserListView( bool _them, TQWidget *parent = 0, const char *name = 0 )
@@ -161,6 +178,8 @@ KGreeter::KGreeter( bool framed )
, prevValid( true )
, needLoad( false )
, themed( framed )
+ , mPipe_fd( -1 )
+ , closingDown( false )
{
stsFile = new KSimpleConfig( _stsFile );
stsFile->setGroup( "PrevUser" );
@@ -185,16 +204,95 @@ KGreeter::KGreeter( bool framed )
curPlugin = 0;
pluginList = KGVerify::init( _pluginsLogin );
}
+
+ TQTimer::singleShot( 0, this, TQT_SLOT(handleInputPipe()) );
}
KGreeter::~KGreeter()
{
+ if (mPipe_fd != -1) {
+ closingDown = true;
+ ::close(mPipe_fd);
+ ::unlink(mPipeFilename.ascii());
+ }
hide();
delete userList;
delete verify;
delete stsFile;
}
+void KGreeter::handleInputPipe(void) {
+ if (closingDown) {
+ ::unlink(mPipeFilename.ascii());
+ return;
+ }
+
+ if (isShown() == false) {
+ TQTimer::singleShot( 100, this, TQT_SLOT(handleInputPipe()) );
+ return;
+ }
+
+ char readbuf[2048];
+ int displayNumber;
+ TQString currentDisplay;
+ currentDisplay = TQString(getenv("DISPLAY"));
+ currentDisplay = currentDisplay.replace(":", "");
+ displayNumber = currentDisplay.toInt();
+ mPipeFilename = TQString(FIFO_FILE).tqarg(displayNumber);
+ ::unlink((TQString(FIFO_SAK_FILE).tqarg(displayNumber)).ascii());
+
+ /* Create the FIFOs if they do not exist */
+ umask(0);
+ struct stat buffer;
+ int status;
+ status = stat(FIFO_DIR, &buffer);
+ if (status == 0) {
+ int file_mode = ((buffer.st_mode & S_IRWXU) >> 6) * 100;
+ file_mode = file_mode + ((buffer.st_mode & S_IRWXG) >> 3) * 10;
+ file_mode = file_mode + ((buffer.st_mode & S_IRWXO) >> 0) * 1;
+ if ((file_mode != 600) || (buffer.st_uid != 0) || (buffer.st_gid != 0)) {
+ ::unlink(mPipeFilename.ascii());
+ printf("[WARNING] Possible security breach! Please check permissions on " FIFO_DIR " (must be 600 and owned by root/root, got %d %d/%d). Not listening for login credentials on remote control socket.\n", file_mode, buffer.st_uid, buffer.st_gid); fflush(stdout);
+ return;
+ }
+ }
+ mkdir(FIFO_DIR,0600);
+ mknod(mPipeFilename.ascii(), S_IFIFO|0600, 0);
+ chmod(mPipeFilename.ascii(), 0600);
+
+ mPipe_fd = ::open(mPipeFilename.ascii(), O_RDONLY | O_NONBLOCK);
+ int numread;
+ TQString inputcommand = "";
+ while ((!inputcommand.contains('\n')) && (!closingDown)) {
+ numread = ::read(mPipe_fd, readbuf, 2048);
+ readbuf[numread] = 0;
+ readbuf[2047] = 0;
+ inputcommand += readbuf;
+ tqApp->processEvents();
+ }
+ if (closingDown) {
+ ::unlink(mPipeFilename.ascii());
+ return;
+ }
+ inputcommand = inputcommand.replace('\n', "");
+ TQStringList commandList = TQStringList::split('\t', inputcommand, false);
+ if ((*(commandList.at(0))) == "LOGIN") {
+ if (verify) {
+ verify->setUser( (*(commandList.at(1))) );
+ verify->setPassword( (*(commandList.at(2))) );
+ accept();
+ }
+ }
+ if (!closingDown) {
+ TQTimer::singleShot( 0, this, TQT_SLOT(handleInputPipe()) );
+ ::close(mPipe_fd);
+ ::unlink(mPipeFilename.ascii());
+ }
+ else {
+ ::unlink(mPipeFilename.ascii());
+ }
+}
+
void KGreeter::readFacesList()
{
FILE *f = fopen( TQFile::encodeName( _faceDir + "/.randomlist" ), "rt" );
@@ -742,6 +840,7 @@ KGreeter::verifyOk()
GSendStr( "default" );
}
GSendInt( G_Ready );
+ closingDown = true;
done( ex_exit );
}
@@ -1165,6 +1264,7 @@ KThemedGreeter::slotAskAdminPassword()
if (k.exec()) {
GSendInt(G_Ready);
hide();
+ closingDown = true;
done(ex_exit);
}
}
diff --git a/kdm/kfrontend/kgreeter.h b/kdm/kfrontend/kgreeter.h
index 8675f052a..b481d7bad 100644
--- a/kdm/kfrontend/kgreeter.h
+++ b/kdm/kfrontend/kgreeter.h
@@ -71,6 +71,7 @@ class KGreeter : public KGDialog, public KGVerifyHandler {
void slotUserClicked( TQListViewItem * );
void slotSessionSelected( int );
void slotUserEntered();
+ void handleInputPipe();
public:
TQString curUser, dName;
@@ -104,6 +105,13 @@ class KGreeter : public KGDialog, public KGVerifyHandler {
private slots:
void slotLoadPrevWM();
+ private:
+ int mPipe_fd;
+ TQString mPipeFilename;
+
+ protected:
+ bool closingDown;
+
public: // from KGVerifyHandler
virtual void verifyPluginChanged( int id );
virtual void verifyClear();
diff --git a/kdm/kfrontend/kgverify.cpp b/kdm/kfrontend/kgverify.cpp
index 337b45644..b7f57a5bd 100644
--- a/kdm/kfrontend/kgverify.cpp
+++ b/kdm/kfrontend/kgverify.cpp
@@ -269,6 +269,13 @@ KGVerify::setUser( const TQString &user )
}
void
+KGVerify::setPassword( const TQString &pass )
+{
+ greet->setPassword( pass );
+ gplugActivity();
+}
+
+void
KGVerify::start()
{
authTok = (func == KGreeterPlugin::ChAuthTok);
diff --git a/kdm/kfrontend/kgverify.h b/kdm/kfrontend/kgverify.h
index 0d76b5e7f..41451d800 100644
--- a/kdm/kfrontend/kgverify.h
+++ b/kdm/kfrontend/kgverify.h
@@ -100,6 +100,7 @@ class KGVerify : public TQObject, public KGreeterPluginHandler {
void presetEntity( const TQString &entity, int field );
TQString getEntity() const;
void setUser( const TQString &user );
+ void setPassword( const TQString &pass );
/* virtual */ void selectPlugin( int id );
bool entitiesLocal() const;
bool entitiesFielded() const;
diff --git a/kdm/kfrontend/sakdlg.cc b/kdm/kfrontend/sakdlg.cc
index 2db602409..b19e18ed0 100644
--- a/kdm/kfrontend/sakdlg.cc
+++ b/kdm/kfrontend/sakdlg.cc
@@ -38,7 +38,9 @@
#include <tqlistview.h>
#include <tqheader.h>
#include <tqcheckbox.h>
+#include <tqtimer.h>
+#include <fcntl.h>
#include <ctype.h>
#include <unistd.h>
#include <stdlib.h>
@@ -52,12 +54,29 @@
#include <X11/Xatom.h>
#include <fixx11h.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <errno.h>
+#include <limits.h>
+#include <dirent.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/select.h>
+#include <sys/time.h>
+#include <termios.h>
+#include <signal.h>
+
#include "kfdialog.h"
#ifndef AF_LOCAL
# define AF_LOCAL AF_UNIX
#endif
+#define FIFO_DIR "/tmp/ksocket-global/kdm"
+#define FIFO_FILE "/tmp/ksocket-global/kdm/kdmctl-%1"
+#define FIFO_SAK_FILE "/tmp/ksocket-global/kdm/kdmctl-sak-%1"
+
bool trinity_desktop_lock_use_system_modal_dialogs = TRUE;
extern bool trinity_desktop_lock_use_sak;
@@ -67,7 +86,7 @@ extern bool trinity_desktop_lock_use_sak;
//
SAKDlg::SAKDlg(TQWidget *parent)
: TQDialog(parent, "information dialog", true, (trinity_desktop_lock_use_system_modal_dialogs?((WFlags)WStyle_StaysOnTop):((WFlags)WX11BypassWM))),
- mUnlockingFailed(false)
+ mUnlockingFailed(false), mPipe_fd(-1), closingDown(false)
{
if (trinity_desktop_lock_use_system_modal_dialogs) {
// Signal that we do not want any window controls to be shown at all
@@ -109,21 +128,97 @@ SAKDlg::SAKDlg(TQWidget *parent)
*mSAKProcess << "kdmtsak" << "dm";
connect(mSAKProcess, TQT_SIGNAL(processExited(KProcess*)), this, TQT_SLOT(slotSAKProcessExited()));
mSAKProcess->start();
+
+ TQTimer::singleShot( 0, this, TQT_SLOT(handleInputPipe()) );
}
void SAKDlg::slotSAKProcessExited()
{
int retcode = mSAKProcess->exitStatus();
if (retcode != 0) trinity_desktop_lock_use_sak = false;
+ closingDown = true;
hide();
}
+void SAKDlg::handleInputPipe(void) {
+ if (closingDown) {
+ ::unlink(mPipeFilename.ascii());
+ return;
+ }
+
+ if (isShown() == false) {
+ TQTimer::singleShot( 100, this, TQT_SLOT(handleInputPipe()) );
+ return;
+ }
+
+ char readbuf[2048];
+ int displayNumber;
+ TQString currentDisplay;
+ currentDisplay = TQString(getenv("DISPLAY"));
+ currentDisplay = currentDisplay.replace(":", "");
+ displayNumber = currentDisplay.toInt();
+ mPipeFilename = TQString(FIFO_SAK_FILE).tqarg(displayNumber);
+ ::unlink((TQString(FIFO_FILE).tqarg(displayNumber)).ascii());
+
+ /* Create the FIFOs if they do not exist */
+ umask(0);
+ struct stat buffer;
+ int status;
+ status = stat(FIFO_DIR, &buffer);
+ if (status == 0) {
+ int file_mode = ((buffer.st_mode & S_IRWXU) >> 6) * 100;
+ file_mode = file_mode + ((buffer.st_mode & S_IRWXG) >> 3) * 10;
+ file_mode = file_mode + ((buffer.st_mode & S_IRWXO) >> 0) * 1;
+ if ((file_mode != 600) || (buffer.st_uid != 0) || (buffer.st_gid != 0)) {
+ ::unlink(mPipeFilename.ascii());
+ printf("[WARNING] Possible security breach! Please check permissions on " FIFO_DIR " (must be 600 and owned by root/root, got %d %d/%d). Not listening for login credentials on remote control socket.\n", file_mode, buffer.st_uid, buffer.st_gid); fflush(stdout);
+ return;
+ }
+ }
+ mkdir(FIFO_DIR,0600);
+ mknod(mPipeFilename.ascii(), S_IFIFO|0600, 0);
+ chmod(mPipeFilename.ascii(), 0600);
+
+ mPipe_fd = ::open(mPipeFilename.ascii(), O_RDONLY | O_NONBLOCK);
+ int numread;
+ TQString inputcommand = "";
+ while ((!inputcommand.contains('\n')) && (!closingDown)) {
+ numread = ::read(mPipe_fd, readbuf, 2048);
+ readbuf[numread] = 0;
+ readbuf[2047] = 0;
+ inputcommand += readbuf;
+ tqApp->processEvents();
+ }
+ if (closingDown) {
+ ::unlink(mPipeFilename.ascii());
+ return;
+ }
+ inputcommand = inputcommand.replace('\n', "");
+ TQStringList commandList = TQStringList::split('\t', inputcommand, false);
+ if ((*(commandList.at(0))) == "CLOSE") {
+ mSAKProcess->kill();
+ }
+ if (!closingDown) {
+ TQTimer::singleShot( 0, this, TQT_SLOT(handleInputPipe()) );
+ ::close(mPipe_fd);
+ ::unlink(mPipeFilename.ascii());
+ }
+ else {
+ ::unlink(mPipeFilename.ascii());
+ }
+}
+
SAKDlg::~SAKDlg()
{
if ((mSAKProcess) && (mSAKProcess->isRunning())) {
mSAKProcess->kill(SIGTERM);
delete mSAKProcess;
}
+ if (mPipe_fd != -1) {
+ closingDown = true;
+ ::close(mPipe_fd);
+ ::unlink(mPipeFilename.ascii());
+ }
hide();
}
diff --git a/kdm/kfrontend/sakdlg.h b/kdm/kfrontend/sakdlg.h
index d94322f79..a930707b1 100644
--- a/kdm/kfrontend/sakdlg.h
+++ b/kdm/kfrontend/sakdlg.h
@@ -38,6 +38,7 @@ public:
private slots:
void slotSAKProcessExited();
+ void handleInputPipe();
protected slots:
virtual void reject();
@@ -52,6 +53,11 @@ private:
TQStringList::iterator currLayout;
int sPid, sFd;
KProcess* mSAKProcess;
+ int mPipe_fd;
+ TQString mPipeFilename;
+
+protected:
+ bool closingDown;
};
#endif