- (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg

<zack@wolery.cumb.org>
This commit is contained in:
Damien Miller 2000-06-07 20:08:19 +10:00
parent d3a185709d
commit 5314ae7855
3 changed files with 44 additions and 20 deletions

View File

@ -51,6 +51,7 @@ Thomas Neumann <tom@smart.ruhr.de> - Shadow passwords
Tom Bertelson's <tbert@abac.com> - AIX auth fixes Tom Bertelson's <tbert@abac.com> - AIX auth fixes
Tor-Ake Fransson <torake@hotmail.com> - AIX support Tor-Ake Fransson <torake@hotmail.com> - AIX support
Tudor Bosman <tudorb@jm.nu> - MD5 password support Tudor Bosman <tudorb@jm.nu> - MD5 password support
Zack Weinberg <zack@wolery.cumb.org> - GNOME askpass enhancement
Apologies to anyone I have missed. Apologies to anyone I have missed.

View File

@ -1,6 +1,8 @@
20000606 20000606
- (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III
<tibbs@math.uh.edu> <tibbs@math.uh.edu>
- (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg
<zack@wolery.cumb.org>
- (djm) OpenBSD CVS updates: - (djm) OpenBSD CVS updates:
- todd@cvs.openbsd.org - todd@cvs.openbsd.org
[sshconnect2.c] [sshconnect2.c]

View File

@ -49,7 +49,22 @@
#include <X11/Xlib.h> #include <X11/Xlib.h>
#include <gdk/gdkx.h> #include <gdk/gdkx.h>
int passphrase_dialog(char **passphrase_p, char *message) void
report_failed_grab (void)
{
GtkWidget *err;
err = gnome_message_box_new("Could not grab keyboard or mouse.\n"
"A malicious client may be eavesdropping on your session.",
GNOME_MESSAGE_BOX_ERROR, "EXIT", NULL);
gtk_window_set_position(GTK_WINDOW(err), GTK_WIN_POS_CENTER);
gtk_object_set(GTK_OBJECT(err), "type", GTK_WINDOW_POPUP, NULL);
gnome_dialog_run_and_close(GNOME_DIALOG(err));
}
void
passphrase_dialog(char *message)
{ {
char *passphrase; char *passphrase;
int result; int result;
@ -80,8 +95,11 @@ int passphrase_dialog(char **passphrase_p, char *message)
/* Grab focus */ /* Grab focus */
XGrabServer(GDK_DISPLAY()); XGrabServer(GDK_DISPLAY());
gdk_pointer_grab(dialog->window, TRUE, 0, NULL, NULL, GDK_CURRENT_TIME); if (gdk_pointer_grab(dialog->window, TRUE, 0,
gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME); NULL, NULL, GDK_CURRENT_TIME))
goto nograb;
if (gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME))
goto nograbkb;
/* Make <enter> close dialog */ /* Make <enter> close dialog */
gnome_dialog_editable_enters(GNOME_DIALOG(dialog), GTK_EDITABLE(entry)); gnome_dialog_editable_enters(GNOME_DIALOG(dialog), GTK_EDITABLE(entry));
@ -95,26 +113,33 @@ int passphrase_dialog(char **passphrase_p, char *message)
gdk_keyboard_ungrab(GDK_CURRENT_TIME); gdk_keyboard_ungrab(GDK_CURRENT_TIME);
gdk_flush(); gdk_flush();
/* Report passphrase if user selected OK */
passphrase = gtk_entry_get_text(GTK_ENTRY(entry)); passphrase = gtk_entry_get_text(GTK_ENTRY(entry));
/* Take copy of passphrase if user selected OK */
if (result == 0) if (result == 0)
*passphrase_p = strdup(passphrase); puts(passphrase);
else
*passphrase_p = NULL;
/* Zero existing passphrase */ /* Zero passphrase in memory */
memset(passphrase, '\0', strlen(passphrase)); memset(passphrase, '\0', strlen(passphrase));
gtk_entry_set_text(GTK_ENTRY(entry), passphrase); gtk_entry_set_text(GTK_ENTRY(entry), passphrase);
gnome_dialog_close(GNOME_DIALOG(dialog)); gnome_dialog_close(GNOME_DIALOG(dialog));
return;
return (result == 0); /* At least one grab failed - ungrab what we got, and report
the failure to the user. Note that XGrabServer() cannot
fail. */
nograbkb:
gdk_pointer_ungrab(GDK_CURRENT_TIME);
nograb:
XUngrabServer(GDK_DISPLAY());
gnome_dialog_close(GNOME_DIALOG(dialog));
report_failed_grab();
} }
int main(int argc, char **argv) int
main(int argc, char **argv)
{ {
char *passphrase;
char *message; char *message;
gnome_init("GNOME ssh-askpass", "0.1", argc, argv); gnome_init("GNOME ssh-askpass", "0.1", argc, argv);
@ -124,11 +149,7 @@ int main(int argc, char **argv)
else else
message = "Enter your OpenSSH passphrase:"; message = "Enter your OpenSSH passphrase:";
if (passphrase_dialog(&passphrase, message)) setvbuf(stdout, 0, _IONBF, 0);
{ passphrase_dialog(message);
puts(passphrase);
memset(passphrase, '\0', strlen(passphrase));
}
return 0; return 0;
} }