aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/Makefile.in2
-rw-r--r--src/dummy-strings.c2
-rw-r--r--src/ka-applet.c17
-rw-r--r--src/ka-dialog.c82
-rw-r--r--src/ka-gconf-tools.c20
-rw-r--r--src/ka-gconf.c6
-rw-r--r--src/ka-pwdialog.c5
-rw-r--r--src/ka-tools.c2
-rw-r--r--src/krb5-auth-dialog.desktop.in1
-rw-r--r--src/krb5-auth-dialog.xml4
10 files changed, 56 insertions, 85 deletions
diff --git a/src/Makefile.in b/src/Makefile.in
index b812d80..ace15f5 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -246,6 +246,8 @@ PACKAGE_VERSION = @PACKAGE_VERSION@
PAM_LIBS = @PAM_LIBS@
PATH_SEPARATOR = @PATH_SEPARATOR@
PKG_CONFIG = @PKG_CONFIG@
+PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
+PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
POFILES = @POFILES@
POSUB = @POSUB@
PO_IN_DATADIR_FALSE = @PO_IN_DATADIR_FALSE@
diff --git a/src/dummy-strings.c b/src/dummy-strings.c
index 7f8bbee..272ee53 100644
--- a/src/dummy-strings.c
+++ b/src/dummy-strings.c
@@ -5,7 +5,7 @@
const char *dummy[] = {
/* Translators: files from dummy-strings.c are *all* possible errors
returned from Kerberos (since Kerberos itself doesn't handle i18n). If in
- doubt please translate strings from files starting with krb5-auth
+ doubt please translate strings from files starting with ka- and krb5-auth-
first since these are the ones the user will see in any case. */
N_("ASN.1 failed call to system time library"), /* asn1_err.et:asn1:ASN1_BAD_TIMEFORMAT */
N_("ASN.1 structure is missing a required field"), /* asn1_err.et:asn1:ASN1_MISSING_FIELD */
diff --git a/src/ka-applet.c b/src/ka-applet.c
index 472f4f5..bce4288 100644
--- a/src/ka-applet.c
+++ b/src/ka-applet.c
@@ -463,7 +463,8 @@ ka_send_event_notification (KaApplet *applet,
const char *icon,
const char *action)
{
- const char *notify_icon;
+ const char *notify_icon;
+ GError *error = NULL;
g_return_if_fail (applet != NULL);
g_return_if_fail (summary != NULL);
@@ -473,8 +474,16 @@ ka_send_event_notification (KaApplet *applet,
notify_init (PACKAGE);
if (applet->priv->notification != NULL) {
- notify_notification_close (applet->priv->notification, NULL);
+ if (!notify_notification_close (applet->priv->notification,
+ &error)) {
+ if (error)
+ g_warning ("Cannot close notification %s",
+ error->message);
+ else
+ g_warning ("Cannot close notification");
+ }
g_object_unref (applet->priv->notification);
+ g_clear_error (&error);
}
notify_icon = icon ? icon : "krb-valid-ticket";
@@ -620,7 +629,7 @@ ka_applet_cb_preferences (GtkWidget* menuitem G_GNUC_UNUSED,
G_CALLBACK (gtk_widget_destroy),
NULL);
gtk_widget_show (message_dialog);
- g_error_free (error);
+ g_clear_error (&error);
}
}
@@ -661,7 +670,7 @@ ka_about_dialog_url_hook (GtkAboutDialog *about,
G_CALLBACK (gtk_widget_destroy),
NULL);
gtk_widget_show (message_dialog);
- g_error_free (error);
+ g_clear_error (&error);
}
}
diff --git a/src/ka-dialog.c b/src/ka-dialog.c
index f8d0fea..f11293d 100644
--- a/src/ka-dialog.c
+++ b/src/ka-dialog.c
@@ -206,6 +206,7 @@ credentials_expiring_real (KaApplet* applet)
krb5_timestamp now;
gboolean retval = FALSE;
+ memset(&my_creds, 0, sizeof(my_creds));
ka_applet_set_tgt_renewable(applet, FALSE);
if (!ka_get_tgt_from_ccache (kcontext, &my_creds)) {
creds_expiry = 0;
@@ -223,13 +224,17 @@ credentials_expiring_real (KaApplet* applet)
(now + ka_applet_get_pw_prompt_secs(applet) > my_creds.times.endtime))
retval = TRUE;
- /* If our creds are expiring, determine whether they are renewable */
- if (retval && get_cred_renewable(&my_creds) && my_creds.times.renew_till > now) {
+ /* If our creds are expiring, determine whether they are renewable.
+ * If the expiry is already at the renew_till time, don't consider
+ * credentials renewable */
+ if (retval && get_cred_renewable(&my_creds)
+ && my_creds.times.renew_till > now
+ && my_creds.times.renew_till > creds_expiry) {
ka_applet_set_tgt_renewable(applet, TRUE);
}
- krb5_free_cred_contents (kcontext, &my_creds);
out:
+ krb5_free_cred_contents (kcontext, &my_creds);
ka_applet_update_status(applet, creds_expiry);
return retval;
}
@@ -557,46 +562,6 @@ ka_set_ticket_options(KaApplet* applet, krb5_context context,
}
-/*
- * set ticket options
- * by looking at krb5.conf, the passed in creds and gconf
- */
-static void
-set_options_from_creds(const KaApplet* applet,
- krb5_context context,
- krb5_creds *in,
- krb5_get_init_creds_opt *out)
-{
- krb5_deltat renew_lifetime;
- int flag;
-
-#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_DEFAULT_FLAGS
- krb5_get_init_creds_opt_set_default_flags(context, PACKAGE,
- krb5_principal_get_realm(context, kprincipal), out);
-#endif
-
- flag = get_cred_forwardable(in) != 0;
- krb5_get_init_creds_opt_set_forwardable(out, flag);
- flag = get_cred_proxiable(in) != 0;
- krb5_get_init_creds_opt_set_proxiable(out, flag);
- flag = get_cred_renewable(in) != 0;
- if (flag && (in->times.renew_till > in->times.starttime)) {
- renew_lifetime = in->times.renew_till -
- in->times.starttime;
- krb5_get_init_creds_opt_set_renew_life(out,
- renew_lifetime);
- }
- if (in->times.endtime >
- in->times.starttime + ka_applet_get_pw_prompt_secs(applet)) {
- krb5_get_init_creds_opt_set_tkt_life(out,
- in->times.endtime -
- in->times.starttime);
- }
- /* This doesn't do a deep copy -- fix it later. */
- /* krb5_get_init_creds_opt_set_address_list(out, creds->addresses); */
-}
-
-
#if ENABLE_PKINIT && HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PKINIT
static krb5_error_code
ka_auth_heimdal_pkinit(KaApplet* applet, krb5_creds* creds,
@@ -728,14 +693,13 @@ ccache_changed_cb (GFileMonitor *monitor G_GNUC_UNUSED,
}
-static gboolean
+static GFileMonitor*
monitor_ccache(KaApplet *applet)
{
const gchar *ccache_name;
GFile *ccache;
- GFileMonitor *monitor;
+ GFileMonitor *monitor = NULL;
GError *err = NULL;
- gboolean ret = FALSE;
ccache_name = ka_ccache_filename ();
g_return_val_if_fail (ccache_name != NULL, FALSE);
@@ -749,18 +713,14 @@ monitor_ccache(KaApplet *applet)
credentials_expiring ((gpointer)applet);
else
g_warning ("Failed to monitor %s: %s", ccache_name, err->message);
- goto out;
} else {
/* g_file_monitor_set_rate_limit(monitor, 10*1000); */
g_signal_connect (monitor, "changed", G_CALLBACK (ccache_changed_cb), applet);
KA_DEBUG ("Monitoring %s", ccache_name);
- ret = TRUE;
}
-out:
g_object_unref (ccache);
- if (err)
- g_error_free (err);
- return ret;
+ g_clear_error (&err);
+ return monitor;
}
@@ -846,8 +806,8 @@ ka_renew_credentials (KaApplet* applet)
krb5_error_code retval;
krb5_creds my_creds;
krb5_ccache ccache;
- krb5_get_init_creds_opt opts;
+ memset(&my_creds, 0, sizeof(my_creds));
if (kprincipal == NULL) {
retval = ka_parse_name(applet, kcontext, &kprincipal);
if (retval)
@@ -860,15 +820,13 @@ ka_renew_credentials (KaApplet* applet)
retval = ka_get_tgt_from_ccache (kcontext, &my_creds);
if (!retval) {
+ krb5_free_cred_contents (kcontext, &my_creds);
krb5_cc_close (kcontext, ccache);
return -1;
}
- krb5_get_init_creds_opt_init (&opts);
- set_options_from_creds (applet, kcontext, &my_creds, &opts);
-
if (ka_applet_get_tgt_renewable(applet)) {
-
+ krb5_free_cred_contents (kcontext, &my_creds);
retval = get_renewed_creds (kcontext, &my_creds, kprincipal, ccache, NULL);
if (retval)
goto out;
@@ -921,12 +879,11 @@ ka_get_tgt_from_ccache (krb5_context context, krb5_creds *creds)
get_principal_realm_data(principal), 0)) {
goto out_free_princ;
}
-
pattern.client = principal;
if (!krb5_cc_retrieve_cred(context, ccache, 0, &pattern, creds))
ret = TRUE;
- krb5_free_principal(context, pattern.server);
+ krb5_free_principal(context, pattern.server);
out_free_princ:
krb5_free_principal(context, principal);
out:
@@ -1124,6 +1081,7 @@ main (int argc, char *argv[])
"Always run", NULL},
{ NULL, 0, 0, G_OPTION_ARG_NONE, NULL, NULL, NULL }
};
+ GFileMonitor *monitor = NULL;
context = g_option_context_new ("- Kerberos 5 credential checking");
g_option_context_add_main_entries (context, options, NULL);
@@ -1134,7 +1092,7 @@ main (int argc, char *argv[])
g_print ("%s\n%s\n",
error->message,
help_msg);
- g_error_free (error);
+ g_clear_error (&error);
return 1;
}
g_option_context_free (context);
@@ -1161,11 +1119,13 @@ main (int argc, char *argv[])
if (credentials_expiring ((gpointer)applet)) {
g_timeout_add_seconds (CREDENTIAL_CHECK_INTERVAL, (GSourceFunc)credentials_expiring, applet);
- monitor_ccache (applet);
+ monitor = monitor_ccache (applet);
}
ka_dbus_service(applet);
gtk_main ();
}
ka_nm_shutdown();
+ if (monitor)
+ g_object_unref (monitor);
return 0;
}
diff --git a/src/ka-gconf-tools.c b/src/ka-gconf-tools.c
index 60fd567..c7cc711 100644
--- a/src/ka-gconf-tools.c
+++ b/src/ka-gconf-tools.c
@@ -40,8 +40,8 @@ ka_gconf_get_string (GConfClient* client,
*value = g_strdup (gconf_value_get_string (gc_value));
success = TRUE;
} else if (error) {
- g_print ("%s", error->message);
- g_error_free (error);
+ g_warning ("%s", error->message);
+ g_clear_error (&error);
}
gconf_value_free (gc_value);
}
@@ -64,8 +64,8 @@ ka_gconf_get_string_list (GConfClient* client,
if ((*list = gconf_client_get_list (client, key,
GCONF_VALUE_STRING, &error))) {
if (error) {
- g_print ("%s", error->message);
- g_error_free (error);
+ g_warning ("%s", error->message);
+ g_clear_error (&error);
} else
success = TRUE;
}
@@ -92,8 +92,8 @@ ka_gconf_get_int (GConfClient* client,
*value = gconf_value_get_int (gc_value);
success = TRUE;
} else if (error) {
- g_print ("%s", error->message);
- g_error_free (error);
+ g_warning("%s", error->message);
+ g_clear_error (&error);
}
gconf_value_free (gc_value);
}
@@ -119,8 +119,8 @@ ka_gconf_get_bool (GConfClient* client,
*value = gconf_value_get_bool (gc_value);
success = TRUE;
} else if (error) {
- g_print ("%s", error->message);
- g_error_free (error);
+ g_warning ("%s", error->message);
+ g_clear_error (&error);
}
gconf_value_free (gc_value);
}
@@ -140,8 +140,8 @@ ka_gconf_set_bool (GConfClient* client,
if(!gconf_client_set_bool (client, key, value, &error)) {
if (error) {
- g_print ("%s", error->message);
- g_error_free (error);
+ g_warning ("%s", error->message);
+ g_clear_error (&error);
}
return FALSE;
}
diff --git a/src/ka-gconf.c b/src/ka-gconf.c
index 10ef703..4e3d1aa 100644
--- a/src/ka-gconf.c
+++ b/src/ka-gconf.c
@@ -202,10 +202,10 @@ ka_gconf_init (KaApplet* applet)
ka_gconf_set_tgt_renewable(client, applet);
ka_gconf_set_tgt_proxiable(client, applet);
out:
- if(error) {
+ if (error) {
client = NULL;
- g_print ("%s", error->message);
- g_error_free (error);
+ g_warning ("%s", error->message);
+ g_clear_error (&error);
}
return client;
}
diff --git a/src/ka-pwdialog.c b/src/ka-pwdialog.c
index 2f8463c..da34471 100644
--- a/src/ka-pwdialog.c
+++ b/src/ka-pwdialog.c
@@ -96,7 +96,8 @@ grab_keyboard (GtkWidget *win, GdkEvent *event, gpointer data)
GdkGrabStatus status;
if (!pwdialog->priv->grabbed) {
- status = gdk_keyboard_grab (win->window, FALSE, gdk_event_get_time (event));
+ status = gdk_keyboard_grab (gtk_widget_get_window (win),
+ FALSE, gdk_event_get_time (event));
if (status == GDK_GRAB_SUCCESS)
pwdialog->priv->grabbed = TRUE;
else
@@ -123,7 +124,7 @@ ungrab_keyboard (GtkWidget *win G_GNUC_UNUSED,
static gboolean
window_state_changed (GtkWidget *win, GdkEventWindowState *event, gpointer data)
{
- GdkWindowState state = gdk_window_get_state (win->window);
+ GdkWindowState state = gdk_window_get_state (gtk_widget_get_window (win));
if (state & GDK_WINDOW_STATE_WITHDRAWN ||
state & GDK_WINDOW_STATE_ICONIFIED ||
diff --git a/src/ka-tools.c b/src/ka-tools.c
index 177e64e..260d101 100644
--- a/src/ka-tools.c
+++ b/src/ka-tools.c
@@ -51,7 +51,7 @@ ka_show_help (GdkScreen* screen, const char* chapter, GtkWindow* window)
NULL);
gtk_widget_show (message_dialog);
- g_error_free (error);
+ g_clear_error (&error);
}
g_free (url);
}
diff --git a/src/krb5-auth-dialog.desktop.in b/src/krb5-auth-dialog.desktop.in
index 653ef3c..6c83b31 100644
--- a/src/krb5-auth-dialog.desktop.in
+++ b/src/krb5-auth-dialog.desktop.in
@@ -1,7 +1,6 @@
[Desktop Entry]
_Name=Network Authentication
_Comment=Kerberos Network Authentication Dialog
-Encoding=UTF-8
Exec=krb5-auth-dialog
Terminal=false
Type=Application
diff --git a/src/krb5-auth-dialog.xml b/src/krb5-auth-dialog.xml
index d379265..0df79ef 100644
--- a/src/krb5-auth-dialog.xml
+++ b/src/krb5-auth-dialog.xml
@@ -6,8 +6,8 @@
<property name="border_width">6</property>
<property name="title" translatable="yes">Network Authentication</property>
<property name="resizable">False</property>
- <property name="window_position">center</property>
- <property name="type_hint">normal</property>
+ <property name="window_position">center-always</property>
+ <property name="type_hint">dialog</property>
<property name="has_separator">False</property>
<child internal-child="vbox">
<object class="GtkVBox" id="dialog-vbox2">
bgstack15