summaryrefslogtreecommitdiffstats
path: root/kdmlib
diff options
context:
space:
mode:
Diffstat (limited to 'kdmlib')
-rw-r--r--kdmlib/kdmtsak.cpp45
1 files changed, 42 insertions, 3 deletions
diff --git a/kdmlib/kdmtsak.cpp b/kdmlib/kdmtsak.cpp
index 10b8c1acf..cf7de783f 100644
--- a/kdmlib/kdmtsak.cpp
+++ b/kdmlib/kdmtsak.cpp
@@ -24,7 +24,7 @@
#define FIFO_FILE "/tmp/ksocket-global/tsak"
-TQString exec(char* cmd) {
+TQString exec(const char * cmd) {
FILE* pipe = popen(cmd, "r");
if (!pipe) return "ERROR";
char buffer[128];
@@ -37,6 +37,30 @@ TQString exec(char* cmd) {
return result;
}
+bool is_vt_local() {
+ const char * currentDisplay;
+ currentDisplay = getenv ("DISPLAY");
+ if (currentDisplay == NULL) {
+ return false;
+ }
+ else {
+ TQString cvtName = "";
+ TQString output = exec("kdmctl list");
+ TQStringList sessionList = TQStringList::split('\t', output, false);
+ // See if the current session is local
+ for ( TQStringList::Iterator it = sessionList.begin(); it != sessionList.end(); ++it ) {
+ TQStringList sessionInfoList = TQStringList::split(',', *it, true);
+ if ((*(sessionInfoList.at(0))).startsWith(":")) {
+ if (TQString(currentDisplay).startsWith(*(sessionInfoList.at(0)))) {
+ return true;
+ }
+ }
+ }
+ // Not local
+ return false;
+ }
+}
+
bool is_vt_active() {
const char * currentDisplay;
currentDisplay = getenv ("DISPLAY");
@@ -49,8 +73,8 @@ bool is_vt_active() {
TQString curConsole = exec("fgconsole");
bool intFound;
int curConsoleNum = curConsole.toInt(&intFound);
- if (intFound = false) {
- return 1;
+ if (intFound == false) {
+ return true;
}
curConsole = TQString("vt%1").tqarg(curConsoleNum);;
TQStringList sessionList = TQStringList::split('\t', output, false);
@@ -96,6 +120,21 @@ int main (int argc, char *argv[])
int verifier_result = tde_sak_verify_calling_process();
+ bool isdm = false;
+ if (argc == 2) {
+ if (strcmp(argv[1], "dm") == 0) {
+ isdm = true;
+ }
+ }
+
+ if (!isdm) {
+ // Verify that the session is local
+ // Remote sessions cannot press the SAK for obvious reasons
+ if (!is_vt_local()) {
+ return 6; // SAK not available
+ }
+ }
+
if (verifier_result == 0) {
// OK, the calling process is authorized to retrieve SAK data
// First, flush the buffer