From 7dfce86b3a06e5e5aa78e269df4d6c53b140024b Mon Sep 17 00:00:00 2001 From: Guido Günther Date: Mon, 13 Jul 2009 18:46:06 +0200 Subject: Imported Upstream version 0.12 --- preferences/Makefile.am | 1 + preferences/Makefile.in | 2 + preferences/krb5-auth-dialog-preferences.c | 160 +++++++++++++++- preferences/krb5-auth-dialog-preferences.xml | 271 ++++++++++++++++----------- 4 files changed, 325 insertions(+), 109 deletions(-) (limited to 'preferences') diff --git a/preferences/Makefile.am b/preferences/Makefile.am index 48c9be0..15bbf00 100644 --- a/preferences/Makefile.am +++ b/preferences/Makefile.am @@ -19,6 +19,7 @@ krb5_auth_dialog_preferences_CPPFLAGS = \ krb5_auth_dialog_preferences_CFLAGS = \ $(GTK_CFLAGS) \ $(GCONF_CFLAGS) \ + $(WARN_CFLAGS) \ $(AM_CFLAGS) diff --git a/preferences/Makefile.in b/preferences/Makefile.in index 4445e9e..2ec239e 100644 --- a/preferences/Makefile.in +++ b/preferences/Makefile.in @@ -194,6 +194,7 @@ POSUB = @POSUB@ PO_IN_DATADIR_FALSE = @PO_IN_DATADIR_FALSE@ PO_IN_DATADIR_TRUE = @PO_IN_DATADIR_TRUE@ RANLIB = @RANLIB@ +SC_PKCS11 = @SC_PKCS11@ SED = @SED@ SETCAP = @SETCAP@ SET_MAKE = @SET_MAKE@ @@ -277,6 +278,7 @@ krb5_auth_dialog_preferences_CPPFLAGS = \ krb5_auth_dialog_preferences_CFLAGS = \ $(GTK_CFLAGS) \ $(GCONF_CFLAGS) \ + $(WARN_CFLAGS) \ $(AM_CFLAGS) krb5_auth_dialog_preferences_LDADD = \ diff --git a/preferences/krb5-auth-dialog-preferences.c b/preferences/krb5-auth-dialog-preferences.c index 4edd565..442d4f3 100644 --- a/preferences/krb5-auth-dialog-preferences.c +++ b/preferences/krb5-auth-dialog-preferences.c @@ -36,6 +36,9 @@ #include "krb5-auth-gconf-tools.h" #include "krb5-auth-tools.h" +#define PKINIT_SMARTCARD "PKCS11:" SC_PKCS11 +#define PKINIT_FILE "FILE:" + #define N_LISTENERS 8 typedef struct { 
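Review bot: The new `PKINIT_SMARTCARD` macro in the `@@ -36,6 +36,9 @@` hunk builds its value by pasting `SC_PKCS11` onto `"PKCS11:"`, but nothing in the visible lines says where `SC_PKCS11` is defined or that it must expand to a string literal. The Makefile.in hunk only shows the `@SC_PKCS11@` substitution; the `-D` that would pass it to the compiler is not visible here. This string is later written to `KA_GCONF_KEY_PK_USERID` as the PKINIT identity and, as far as I know, PKINIT takes the part after `PKCS11:` as the module to load into the process, so it is worth documenting that it should be an absolute path to a trusted library fixed at configure time. I would add a comment above the defines such as `/* PKINIT identity prefixes; SC_PKCS11 is the PKCS#11 module path chosen at configure time and must be a string literal */`, plus an `#ifndef SC_PKCS11` / `#error` guard so a missing definition fails with a clear message.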
@@ -45,7 +48,10 @@ typedef struct { GtkWidget *dialog; GtkWidget *principal_entry; GtkWidget *pkuserid_entry; + GtkWidget *pkuserid_button; + GtkWidget *smartcard_toggle; GtkWidget *pkanchors_entry; + GtkWidget *pkanchors_button; GtkWidget *forwardable_toggle; GtkWidget *proxiable_toggle; GtkWidget *renewable_toggle; @@ -185,7 +191,7 @@ ka_preferences_dialog_setup_pkuserid_entry (KaPreferencesDialog *dialog) g_free (pkuserid); g_signal_connect (dialog->pkuserid_entry, "changed", - G_CALLBACK (ka_preferences_dialog_pkuserid_changed), dialog); + G_CALLBACK (ka_preferences_dialog_pkuserid_changed), dialog); if (!gconf_client_key_is_writable (dialog->client, KA_GCONF_KEY_PK_USERID, NULL)) { gtk_widget_set_sensitive (dialog->pkuserid_entry, FALSE); } @@ -241,7 +247,7 @@ ka_preferences_dialog_pkanchors_changed (GtkEntry *entry, static void ka_preferences_dialog_setup_pkanchors_entry (KaPreferencesDialog *dialog) { - char *pkanchors = NULL; + char *pkanchors = NULL; dialog->pkanchors_entry = GTK_WIDGET(gtk_builder_get_object (dialog->xml, "pkanchors_entry")); g_assert (dialog->pkanchors_entry != NULL); 
@@ -268,9 +274,154 @@ ka_preferences_dialog_setup_pkanchors_entry (KaPreferencesDialog *dialog) } +static void +ka_preferences_toggle_pkuserid_entry (gboolean state, KaPreferencesDialog *dialog) +{ + gtk_widget_set_sensitive (dialog->pkuserid_entry, state); + gtk_widget_set_sensitive (dialog->pkuserid_button, state); +} + + +static void +ka_preferences_dialog_smartcard_toggled (GtkToggleButton *toggle, + KaPreferencesDialog *dialog) +{ + gboolean smartcard = gtk_toggle_button_get_active (toggle); + static gchar *old_path = NULL; + + if (smartcard) { + const char *path; + + path = gtk_entry_get_text (GTK_ENTRY(dialog->pkuserid_entry)); + if (g_strcmp0 (path, PKINIT_SMARTCARD)) { + g_free (old_path); + old_path = g_strdup (path); + } + ka_preferences_toggle_pkuserid_entry (FALSE, dialog); + gconf_client_set_string (dialog->client, KA_GCONF_KEY_PK_USERID, PKINIT_SMARTCARD, NULL); + } else { + ka_preferences_toggle_pkuserid_entry (TRUE, dialog); + if (old_path) + gconf_client_set_string (dialog->client, KA_GCONF_KEY_PK_USERID, old_path, NULL); + else + gconf_client_unset (dialog->client, KA_GCONF_KEY_PK_USERID, NULL); + } +} + + +static void +ka_preferences_dialog_setup_smartcard_toggle(KaPreferencesDialog *dialog) +{ + char *pkuserid = NULL; + + dialog->smartcard_toggle = GTK_WIDGET(gtk_builder_get_object (dialog->xml, "smartcard_toggle")); + g_assert (dialog->smartcard_toggle != NULL); + + if (!ka_gconf_get_string (dialog->client, KA_GCONF_KEY_PK_USERID, &pkuserid)) + g_warning ("Getting pkanchors failed"); + + g_signal_connect (dialog->smartcard_toggle, "toggled", + G_CALLBACK (ka_preferences_dialog_smartcard_toggled), dialog); + + if (!g_strcmp0 (pkuserid, PKINIT_SMARTCARD)) + gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (dialog->smartcard_toggle), TRUE); + else + gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (dialog->smartcard_toggle), FALSE); + + if (pkuserid) + g_free (pkuserid); +} + + +static void +ka_preferences_dialog_browse_certs (KaPreferencesDialog 
*dialog, GtkEntry *entry) +{ + GtkWidget *filechooser; + GtkFileFilter *cert_filter, *all_filter; + gchar *filename = NULL; + const gchar *current; + gint ret; + + filechooser = gtk_file_chooser_dialog_new(_("Choose Certificate"), + GTK_WINDOW(dialog->dialog), + GTK_FILE_CHOOSER_ACTION_OPEN, + GTK_STOCK_CANCEL, GTK_RESPONSE_CANCEL, + GTK_STOCK_OPEN, GTK_RESPONSE_ACCEPT, + NULL); + + current = gtk_entry_get_text (entry); + if (current && g_str_has_prefix (current, PKINIT_FILE) && + strlen(current) > strlen (PKINIT_FILE)) { + gtk_file_chooser_select_filename (GTK_FILE_CHOOSER(filechooser), + (const gchar*)¤t[strlen(PKINIT_FILE)]); + } + + cert_filter = g_object_ref_sink (gtk_file_filter_new ()); + gtk_file_filter_add_mime_type (cert_filter, "application/x-x509-ca-cert"); + gtk_file_filter_set_name (cert_filter, _("X509 Certificates")); + gtk_file_chooser_add_filter (GTK_FILE_CHOOSER (filechooser), cert_filter); + all_filter = g_object_ref_sink (gtk_file_filter_new ()); + gtk_file_filter_add_pattern (all_filter, "*"); + gtk_file_filter_set_name (all_filter, _("all files")); + gtk_file_chooser_add_filter (GTK_FILE_CHOOSER (filechooser), all_filter); + + ret = gtk_dialog_run (GTK_DIALOG(filechooser)); + if (ret == GTK_RESPONSE_ACCEPT) + filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER(filechooser)); + gtk_widget_destroy (GTK_WIDGET(filechooser)); + + if (filename) { + gchar *cert = g_strconcat( PKINIT_FILE, filename, NULL); + gtk_entry_set_text (entry, cert); + g_free (filename); + g_free (cert); + } + g_object_unref (cert_filter); + g_object_unref (all_filter); +} + +static void +ka_preferences_dialog_browse_pkuserids (GtkButton *button G_GNUC_UNUSED, + KaPreferencesDialog *dialog) +{ + ka_preferences_dialog_browse_certs (dialog, + GTK_ENTRY(dialog->pkuserid_entry)); +} + +static void +ka_preferences_dialog_browse_pkanchors(GtkButton *button G_GNUC_UNUSED, + KaPreferencesDialog *dialog) +{ + ka_preferences_dialog_browse_certs (dialog, + 
GTK_ENTRY(dialog->pkanchors_entry)); +} + +static void +ka_preferences_dialog_setup_pkuserid_button (KaPreferencesDialog *dialog) +{ + dialog->pkuserid_button = GTK_WIDGET(gtk_builder_get_object (dialog->xml, "pkuserid_button")); + g_assert (dialog->pkuserid_button != NULL); + + g_signal_connect (dialog->pkuserid_button, "clicked", + G_CALLBACK (ka_preferences_dialog_browse_pkuserids), dialog); + +} + +static void +ka_preferences_dialog_setup_pkanchors_button (KaPreferencesDialog *dialog) +{ + dialog->pkanchors_button = GTK_WIDGET(gtk_builder_get_object (dialog->xml, "pkanchors_button")); + g_assert (dialog->pkanchors_button != NULL); + + g_signal_connect (dialog->pkanchors_button, "clicked", + G_CALLBACK (ka_preferences_dialog_browse_pkanchors), dialog); + +} + + static void ka_preferences_dialog_forwardable_toggled (GtkToggleButton *toggle, - KaPreferencesDialog *dialog) + KaPreferencesDialog *dialog) { gboolean forwardable; @@ -602,7 +753,10 @@ ka_preferences_dialog_init(KaPreferencesDialog* dialog) ka_preferences_dialog_setup_principal_entry (dialog); ka_preferences_dialog_setup_pkuserid_entry (dialog); + ka_preferences_dialog_setup_pkuserid_button (dialog); + ka_preferences_dialog_setup_smartcard_toggle (dialog); ka_preferences_dialog_setup_pkanchors_entry(dialog); + ka_preferences_dialog_setup_pkanchors_button (dialog); ka_preferences_dialog_setup_forwardable_toggle (dialog); ka_preferences_dialog_setup_proxiable_toggle (dialog); ka_preferences_dialog_setup_renewable_toggle (dialog); diff --git a/preferences/krb5-auth-dialog-preferences.xml b/preferences/krb5-auth-dialog-preferences.xml index 6ac12bc..14b8598 100644 --- a/preferences/krb5-auth-dialog-preferences.xml +++ b/preferences/krb5-auth-dialog-preferences.xml 
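Review bot: In `ka_preferences_dialog_smartcard_toggled` (hunk `@@ -268,9 +274,154 @@`) the un-toggle branch calls `ka_preferences_toggle_pkuserid_entry (TRUE, dialog)`, which makes `pkuserid_entry` and `pkuserid_button` sensitive again. That undoes the lock `ka_preferences_dialog_setup_pkuserid_entry` applies when `KA_GCONF_KEY_PK_USERID` is not writable, and the smartcard toggle and both Browse buttons are never gated on `gconf_client_key_is_writable` at all. The `gconf_client_set_string` and `gconf_client_unset` calls in the handler also pass `NULL` for the `GError`, so on a locked-down key the dialog can show a credential source that was never stored. I would start the helper with `state = state && gconf_client_key_is_writable (dialog->client, KA_GCONF_KEY_PK_USERID, NULL);`, make the toggle insensitive on the same condition in its setup function, and log the `GError` from the writes. Separately, `g_warning ("Getting pkanchors failed");` in `ka_preferences_dialog_setup_smartcard_toggle` reads the userid key and should say `"Getting pkuserid failed"`.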
@@ -63,131 +63,186 @@ True 6 - + True - 0 - Kerberos principal: - - - False - False - 0 - - - - - True - 6 - - - True - - - - False - False - 0 - - - - - True - True - True - - - 1 - - - - - 1 - - - - - True - 0 - PKINIT userid: - - - False - False - 2 - - - - - True - 6 + 0 + none - + True - + 12 + + + True + True + True + + - - False - False - 0 - - - + + True - True - The principal's public/private/certificate identifier. Leave empty if not using PKINIT. - True + Kerberos principal: + True - - 1 - - 3 - - - - - True - 0 - PKINIT anchors: - - - False - False - 4 + 0 - + True - 6 + 0 + none - + True - + 12 + + + True + vertical + + + True + 0 + none + + + True + 24 + + + True + vertical + + + Use Smartcard + True + True + False + If checked, use a security token (Smartcard) to authenticate. + True + + + 0 + + + + + True + + + True + True + Certificate and private key used for authentication + True + + + 0 + + + + + _Browse... + True + True + True + True + + + False + 1 + + + + + 1 + + + + + + + + + True + Userid: + True + + + + + 0 + + + + + True + 0 + none + + + True + 24 + + + True + + + True + True + True + + + 0 + + + + + _Browse... + True + True + True + True + + + False + 1 + + + + + + + + + True + X509 trust anchors: + True + + + + + 1 + + + + - - False - False - 0 - - - + + True - True - Path to CA certificates used as trust anchors for PKINIT - True + PKINIT: - - 1 - - 5 + 1 @@ -444,7 +499,7 @@ True - Warn + Warn False @@ -457,7 +512,7 @@ True True Send notification about ticket expiry that many minutes before it finally expires - True + adjustment1 @@ -469,7 +524,7 @@ True - minutes before expiry + minutes before expiry False @@ -657,8 +712,12 @@ button1 + + True + gtk-missing-image + - 100 + 1000 1 10 10 -- cgit