summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMartin Gräßlin <[email protected]>2017-02-26 12:55:01 +0100
committerMartin Gräßlin <[email protected]>2017-04-19 17:40:05 +0200
commitd666fe879d4682b1c9a0f9f2a7a29e6644adbf10 (patch)
treecb877d621cad3bbaefc18ac069e12b668004f237
parent565259358ec0b742174289b714adc300c1479cf6 (diff)
[greeter] Send the auth result through the server instead return value
Summary: Given that we have the protocol and don't use the legacy conv any more there is no need to go through exit code mapping. By not using exit code we can start reusing one kcheckpass for multiple auth request and turn it into a kind of daemon, which is a requirement for enabling seccomp in kscreenlocker_greet. Test Plan: Tested with the new test helper Reviewers: #plasma Subscribers: plasma-devel Tags: #plasma Differential Revision: https://phabricator.kde.org/D4806
-rw-r--r--greeter/authenticator.cpp24
-rw-r--r--greeter/autotests/fakekcheckpass.c11
-rw-r--r--kcheckpass/kcheckpass-enums.h6
-rw-r--r--kcheckpass/kcheckpass.c22
4 files changed, 44 insertions, 19 deletions
diff --git a/greeter/authenticator.cpp b/greeter/authenticator.cpp
index 1389c6d..5b8a56c 100644
--- a/greeter/authenticator.cpp
+++ b/greeter/authenticator.cpp
@@ -241,6 +241,18 @@ void KCheckPass::handleVerify()
emit error(QString::fromLocal8Bit(arr));
::free( arr );
return;
+ case ConvPutAuthSucceeded:
+ emit succeeded();
+ return;
+ case ConvPutAuthFailed:
+ emit failed();
+ return;
+ case ConvPutAuthError:
+ cantCheck();
+ return;
+ case ConvPutAuthAbort:
+ // what to do here?
+ return;
}
}
reapVerify();
@@ -258,18 +270,6 @@ void KCheckPass::reapVerify()
cantCheck();
return;
}
- if (WIFEXITED(status))
- switch (WEXITSTATUS(status)) {
- case AuthOk:
- emit succeeded();
- return;
- case AuthBad:
- emit failed();
- return;
- case AuthAbort:
- return;
- }
- cantCheck();
}
void KCheckPass::cantCheck()
diff --git a/greeter/autotests/fakekcheckpass.c b/greeter/autotests/fakekcheckpass.c
index 159f69b..fb5ce0d 100644
--- a/greeter/autotests/fakekcheckpass.c
+++ b/greeter/autotests/fakekcheckpass.c
@@ -251,16 +251,17 @@ main(int argc, char **argv)
/* Now do the fandango */
const char *password = conv_server(ConvGetHidden, 0);
if (strcmp(password, "testpassword") == 0) {
- return AuthOk;
+ conv_server(ConvPutAuthSucceeded, 0);
} else if (strcmp(password, "info") == 0) {
conv_server(ConvPutInfo, "You wanted some info, here you have it");
- return AuthOk;
+ conv_server(ConvPutAuthSucceeded, 0);
} else if (strcmp(password, "error") == 0) {
conv_server(ConvPutError, "The world is going to explode");
- return AuthError;
+ conv_server(ConvPutAuthFailed, 0);
} else if (strcmp(password, "") == 0) {
conv_server(ConvPutError, "Hey, don't give me an empty password");
- return AuthError;
+ } else {
+ conv_server(ConvPutAuthFailed, 0);
}
- return AuthBad;
+ return 0;
}
diff --git a/kcheckpass/kcheckpass-enums.h b/kcheckpass/kcheckpass-enums.h
index 58387ff..66389ee 100644
--- a/kcheckpass/kcheckpass-enums.h
+++ b/kcheckpass/kcheckpass-enums.h
@@ -54,7 +54,11 @@ typedef enum {
ConvGetNormal,
ConvGetHidden,
ConvPutInfo,
- ConvPutError
+ ConvPutError,
+ ConvPutAuthSucceeded,
+ ConvPutAuthFailed,
+ ConvPutAuthError,
+ ConvPutAuthAbort
} ConvRequest;
/* these must match the defs in kgreeterplugin.h */
diff --git a/kcheckpass/kcheckpass.c b/kcheckpass/kcheckpass.c
index 5b071ae..bb80146 100644
--- a/kcheckpass/kcheckpass.c
+++ b/kcheckpass/kcheckpass.c
@@ -206,6 +206,11 @@ conv_server (ConvRequest what, const char *prompt)
nullpass = 1;
return msg;
}
+ case ConvPutAuthSucceeded:
+ case ConvPutAuthFailed:
+ case ConvPutAuthError:
+ case ConvPutAuthAbort:
+ return 0;
case ConvPutInfo:
case ConvPutError:
default:
@@ -328,8 +333,23 @@ main(int argc, char **argv)
syslog(LOG_NOTICE, "Authentication failure for %s (invoked by uid %d)", username, uid);
}
}
+ switch (ret) {
+ case AuthOk:
+ conv_server(ConvPutAuthSucceeded, 0);
+ break;
+ case AuthBad:
+ conv_server(ConvPutAuthFailed, 0);
+ break;
+ case AuthError:
+ conv_server(ConvPutAuthError, 0);
+ break;
+ case AuthAbort:
+ conv_server(ConvPutAuthAbort, 0);
+ default:
+ break;
+ }
- return ret;
+ return 0;
}
void