From 29320e2db78ba6e6b56af39219b0ce213b77592b Mon Sep 17 00:00:00 2001 From: Guido Günther Date: Tue, 4 May 2010 07:51:21 +0200 Subject: Imported Upstream version 0.16~rc1 --- src/Makefile.am | 50 +- src/Makefile.in | 304 ++++++---- src/ka-applet-priv.h | 72 +++ src/ka-applet.c | 942 +++++++++++++++++++++++++++++++ src/ka-applet.h | 48 ++ src/ka-closures.c | 105 ++++ src/ka-closures.h | 38 ++ src/ka-dbus.c | 119 ++++ src/ka-dbus.h | 37 ++ src/ka-dbus.xml | 30 + src/ka-dialog.c | 1171 +++++++++++++++++++++++++++++++++++++++ src/ka-dialog.h | 32 ++ src/ka-gconf-tools.c | 149 +++++ src/ka-gconf-tools.h | 48 ++ src/ka-gconf.c | 211 +++++++ src/ka-gconf.h | 29 + src/ka-plugin-loader.c | 204 +++++++ src/ka-plugin-loader.h | 58 ++ src/ka-plugin.c | 133 +++++ src/ka-plugin.h | 75 +++ src/ka-pwdialog.c | 309 +++++++++++ src/ka-pwdialog.h | 65 +++ src/ka-tickets.c | 115 ++++ src/ka-tickets.h | 39 ++ src/ka-tools.c | 57 ++ src/ka-tools.h | 32 ++ src/krb5-auth-applet-dbus.xml | 31 -- src/krb5-auth-applet.c | 919 ------------------------------ src/krb5-auth-applet.h | 85 --- src/krb5-auth-dbus.c | 120 ---- src/krb5-auth-dbus.h | 37 -- src/krb5-auth-dialog.c | 1171 --------------------------------------- src/krb5-auth-dialog.h | 33 -- src/krb5-auth-dialog.schemas.in | 13 + src/krb5-auth-gconf-tools.c | 126 ----- src/krb5-auth-gconf-tools.h | 46 -- src/krb5-auth-gconf.c | 210 ------- src/krb5-auth-gconf.h | 29 - src/krb5-auth-pwdialog.c | 310 ----------- src/krb5-auth-pwdialog.h | 65 --- src/krb5-auth-tickets.c | 116 ---- src/krb5-auth-tickets.h | 39 -- src/krb5-auth-tools.c | 58 -- src/krb5-auth-tools.h | 33 -- 44 files changed, 4347 insertions(+), 3566 deletions(-) create mode 100644 src/ka-applet-priv.h create mode 100644 src/ka-applet.c create mode 100644 src/ka-applet.h create mode 100644 src/ka-closures.c create mode 100644 src/ka-closures.h create mode 100644 src/ka-dbus.c create mode 100644 src/ka-dbus.h create mode 100644 src/ka-dbus.xml create mode 100644 src/ka-dialog.c create mode 100644 src/ka-dialog.h create mode 100644 src/ka-gconf-tools.c create mode 100644 src/ka-gconf-tools.h create mode 100644 src/ka-gconf.c create mode 100644 src/ka-gconf.h create mode 100644 src/ka-plugin-loader.c create mode 100644 src/ka-plugin-loader.h create mode 100644 src/ka-plugin.c create mode 100644 src/ka-plugin.h create mode 100644 src/ka-pwdialog.c create mode 100644 src/ka-pwdialog.h create mode 100644 src/ka-tickets.c create mode 100644 src/ka-tickets.h create mode 100644 src/ka-tools.c create mode 100644 src/ka-tools.h delete mode 100644 src/krb5-auth-applet-dbus.xml delete mode 100644 src/krb5-auth-applet.c delete mode 100644 src/krb5-auth-applet.h delete mode 100644 src/krb5-auth-dbus.c delete mode 100644 src/krb5-auth-dbus.h delete mode 100644 src/krb5-auth-dialog.c delete mode 100644 src/krb5-auth-dialog.h delete mode 100644 src/krb5-auth-gconf-tools.c delete mode 100644 src/krb5-auth-gconf-tools.h delete mode 100644 src/krb5-auth-gconf.c delete mode 100644 src/krb5-auth-gconf.h delete mode 100644 src/krb5-auth-pwdialog.c delete mode 100644 src/krb5-auth-pwdialog.h delete mode 100644 src/krb5-auth-tickets.c delete mode 100644 src/krb5-auth-tickets.h delete mode 100644 src/krb5-auth-tools.c delete mode 100644 src/krb5-auth-tools.h (limited to 'src') diff --git a/src/Makefile.am b/src/Makefile.am index e0068fb..591c69f 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -21,22 +21,29 @@ $(service_DATA): $(service_in_files) Makefile sed -e "s|\@BINDIR\@|$(bindir)|" $< > $@ krb5_auth_dialog_SOURCES = \ - krb5-auth-dialog.c \ - krb5-auth-dialog.h \ - krb5-auth-applet.c \ - krb5-auth-applet.h \ - krb5-auth-pwdialog.c \ - krb5-auth-pwdialog.h \ - krb5-auth-gconf.c \ - krb5-auth-gconf.h \ - krb5-auth-gconf-tools.c \ - krb5-auth-gconf-tools.h \ - krb5-auth-dbus.c \ - krb5-auth-dbus.h \ - krb5-auth-tools.c \ - krb5-auth-tools.h \ - krb5-auth-tickets.c \ - krb5-auth-tickets.h \ + ka-dialog.c \ + ka-dialog.h \ + ka-applet.c \ + ka-applet-priv.h \ + ka-applet.h \ + ka-pwdialog.c \ + ka-pwdialog.h \ + ka-gconf.c \ + ka-gconf.h \ + ka-gconf-tools.c \ + ka-gconf-tools.h \ + ka-dbus.c \ + ka-dbus.h \ + ka-tools.c \ + ka-tools.h \ + ka-tickets.c \ + ka-tickets.h \ + ka-plugin.c \ + ka-plugin.h \ + ka-plugin-loader.c \ + ka-plugin-loader.h \ + ka-closures.h \ + ka-closures.c \ dummy-strings.c \ $(NULL) @@ -47,10 +54,12 @@ krb5_auth_dialog_CPPFLAGS = \ -DDATA_DIR=\""$(datadir)"\" \ -DLOCALE_DIR=\""$(localedir)/"\" \ -DBIN_DIR=\""$(bindir)/"\" \ + -DKA_PLUGINS_DIR=\""$(KA_PLUGINS_DIR)"\" \ $(AM_CPPFLAGS) \ $(NULL) krb5_auth_dialog_CFLAGS = \ + $(GMODULE_CFLAGS) \ $(GTK_CFLAGS) \ $(DBUS_CFLAGS) \ $(GCONF_CFLAGS) \ @@ -71,14 +80,15 @@ krb5_auth_dialog_LDADD = \ $(DBUS_LIBS) \ $(GCONF_LIBS) \ $(GIO_LIBS) \ + $(GMODULE_LIBS) \ $(GTK_LIBS) \ $(NULL) BUILT_SOURCES = \ - krb5-auth-applet-dbus-glue.h \ + ka-dbus-glue.h \ $(NULL) -krb5-auth-applet-dbus-glue.h: $(srcdir)/krb5-auth-applet-dbus.xml +ka-dbus-glue.h: $(srcdir)/ka-dbus.xml dbus-binding-tool \ --mode=glib-server \ --prefix=krb5_auth_dialog \ @@ -100,14 +110,14 @@ EXTRA_DIST = \ $(schema_in_files) \ $(autostart_in_files) \ $(service_in_files) \ - $(srcdir)/krb5-auth-applet-dbus.xml \ + $(srcdir)/ka-dbus.xml \ krb5-auth-dialog.1.in \ $(NULL) CLEANFILES = $(schema_DATA) $(service_DATA) DISTCLEANFILES = \ krb5-auth-dialog.desktop \ - krb5-auth-applet-dbus-glue.h \ + ka-dbus-glue.h \ $(NULL) install-data-local: $(schema_DATA) diff --git a/src/Makefile.in b/src/Makefile.in index 89ddf2e..b812d80 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -53,15 +53,17 @@ am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(man1dir)" \ "$(DESTDIR)$(schemadir)" "$(DESTDIR)$(servicedir)" PROGRAMS = $(bin_PROGRAMS) am__objects_1 = -am_krb5_auth_dialog_OBJECTS = \ - krb5_auth_dialog-krb5-auth-dialog.$(OBJEXT) \ - krb5_auth_dialog-krb5-auth-applet.$(OBJEXT) \ - krb5_auth_dialog-krb5-auth-pwdialog.$(OBJEXT) \ - krb5_auth_dialog-krb5-auth-gconf.$(OBJEXT) \ - krb5_auth_dialog-krb5-auth-gconf-tools.$(OBJEXT) \ - krb5_auth_dialog-krb5-auth-dbus.$(OBJEXT) \ - krb5_auth_dialog-krb5-auth-tools.$(OBJEXT) \ - krb5_auth_dialog-krb5-auth-tickets.$(OBJEXT) \ +am_krb5_auth_dialog_OBJECTS = krb5_auth_dialog-ka-dialog.$(OBJEXT) \ + krb5_auth_dialog-ka-applet.$(OBJEXT) \ + krb5_auth_dialog-ka-pwdialog.$(OBJEXT) \ + krb5_auth_dialog-ka-gconf.$(OBJEXT) \ + krb5_auth_dialog-ka-gconf-tools.$(OBJEXT) \ + krb5_auth_dialog-ka-dbus.$(OBJEXT) \ + krb5_auth_dialog-ka-tools.$(OBJEXT) \ + krb5_auth_dialog-ka-tickets.$(OBJEXT) \ + krb5_auth_dialog-ka-plugin.$(OBJEXT) \ + krb5_auth_dialog-ka-plugin-loader.$(OBJEXT) \ + krb5_auth_dialog-ka-closures.$(OBJEXT) \ krb5_auth_dialog-dummy-strings.$(OBJEXT) $(am__objects_1) krb5_auth_dialog_OBJECTS = $(am_krb5_auth_dialog_OBJECTS) am__DEPENDENCIES_1 = @@ -71,7 +73,8 @@ krb5_auth_dialog_DEPENDENCIES = \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) + $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ + $(am__DEPENDENCIES_1) AM_V_lt = $(am__v_lt_$(V)) am__v_lt_ = $(am__v_lt_$(AM_DEFAULT_VERBOSITY)) am__v_lt_0 = --silent @@ -180,6 +183,8 @@ GIO_CFLAGS = @GIO_CFLAGS@ GIO_LIBS = @GIO_LIBS@ GIO_UNIX_CFLAGS = @GIO_UNIX_CFLAGS@ GIO_UNIX_LIBS = @GIO_UNIX_LIBS@ +GMODULE_CFLAGS = @GMODULE_CFLAGS@ +GMODULE_LIBS = @GMODULE_LIBS@ GMOFILES = @GMOFILES@ GMSGFMT = @GMSGFMT@ GREP = @GREP@ @@ -197,6 +202,7 @@ INTLTOOL_EXTRACT = @INTLTOOL_EXTRACT@ INTLTOOL_MERGE = @INTLTOOL_MERGE@ INTLTOOL_PERL = @INTLTOOL_PERL@ INTLTOOL_UPDATE = @INTLTOOL_UPDATE@ +KA_PLUGINS_DIR = @KA_PLUGINS_DIR@ KRB5_CFLAGS = @KRB5_CFLAGS@ KRB5_CONFIG = @KRB5_CONFIG@ KRB5_LIBS = @KRB5_LIBS@ @@ -237,6 +243,7 @@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ +PAM_LIBS = @PAM_LIBS@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ POFILES = @POFILES@ @@ -323,22 +330,29 @@ servicedir = $(datadir)/dbus-1/services service_in_files = org.gnome.KrbAuthDialog.service.in service_DATA = $(service_in_files:.service.in=.service) krb5_auth_dialog_SOURCES = \ - krb5-auth-dialog.c \ - krb5-auth-dialog.h \ - krb5-auth-applet.c \ - krb5-auth-applet.h \ - krb5-auth-pwdialog.c \ - krb5-auth-pwdialog.h \ - krb5-auth-gconf.c \ - krb5-auth-gconf.h \ - krb5-auth-gconf-tools.c \ - krb5-auth-gconf-tools.h \ - krb5-auth-dbus.c \ - krb5-auth-dbus.h \ - krb5-auth-tools.c \ - krb5-auth-tools.h \ - krb5-auth-tickets.c \ - krb5-auth-tickets.h \ + ka-dialog.c \ + ka-dialog.h \ + ka-applet.c \ + ka-applet-priv.h \ + ka-applet.h \ + ka-pwdialog.c \ + ka-pwdialog.h \ + ka-gconf.c \ + ka-gconf.h \ + ka-gconf-tools.c \ + ka-gconf-tools.h \ + ka-dbus.c \ + ka-dbus.h \ + ka-tools.c \ + ka-tools.h \ + ka-tickets.c \ + ka-tickets.h \ + ka-plugin.c \ + ka-plugin.h \ + ka-plugin-loader.c \ + ka-plugin-loader.h \ + ka-closures.h \ + ka-closures.c \ dummy-strings.c \ $(NULL) @@ -349,10 +363,12 @@ krb5_auth_dialog_CPPFLAGS = \ -DDATA_DIR=\""$(datadir)"\" \ -DLOCALE_DIR=\""$(localedir)/"\" \ -DBIN_DIR=\""$(bindir)/"\" \ + -DKA_PLUGINS_DIR=\""$(KA_PLUGINS_DIR)"\" \ $(AM_CPPFLAGS) \ $(NULL) krb5_auth_dialog_CFLAGS = \ + $(GMODULE_CFLAGS) \ $(GTK_CFLAGS) \ $(DBUS_CFLAGS) \ $(GCONF_CFLAGS) \ @@ -373,11 +389,12 @@ krb5_auth_dialog_LDADD = \ $(DBUS_LIBS) \ $(GCONF_LIBS) \ $(GIO_LIBS) \ + $(GMODULE_LIBS) \ $(GTK_LIBS) \ $(NULL) BUILT_SOURCES = \ - krb5-auth-applet-dbus-glue.h \ + ka-dbus-glue.h \ $(NULL) AM_CPPFLAGS = \ @@ -395,14 +412,14 @@ EXTRA_DIST = \ $(schema_in_files) \ $(autostart_in_files) \ $(service_in_files) \ - $(srcdir)/krb5-auth-applet-dbus.xml \ + $(srcdir)/ka-dbus.xml \ krb5-auth-dialog.1.in \ $(NULL) CLEANFILES = $(schema_DATA) $(service_DATA) DISTCLEANFILES = \ krb5-auth-dialog.desktop \ - krb5-auth-applet-dbus-glue.h \ + ka-dbus-glue.h \ $(NULL) all: $(BUILT_SOURCES) @@ -496,14 +513,17 @@ distclean-compile: -rm -f *.tab.c @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-dummy-strings.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-krb5-auth-applet.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-krb5-auth-dbus.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-krb5-auth-dialog.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf-tools.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-krb5-auth-pwdialog.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-krb5-auth-tickets.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-krb5-auth-tools.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-ka-applet.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-ka-closures.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-ka-dbus.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-ka-dialog.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-ka-gconf-tools.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-ka-gconf.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-ka-plugin-loader.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-ka-plugin.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-ka-pwdialog.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-ka-tickets.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/krb5_auth_dialog-ka-tools.Po@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @@ -529,133 +549,181 @@ distclean-compile: @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< -krb5_auth_dialog-krb5-auth-dialog.o: krb5-auth-dialog.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-dialog.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-dialog.Tpo -c -o krb5_auth_dialog-krb5-auth-dialog.o `test -f 'krb5-auth-dialog.c' || echo '$(srcdir)/'`krb5-auth-dialog.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-dialog.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-dialog.Po +krb5_auth_dialog-ka-dialog.o: ka-dialog.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-dialog.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-dialog.Tpo -c -o krb5_auth_dialog-ka-dialog.o `test -f 'ka-dialog.c' || echo '$(srcdir)/'`ka-dialog.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-dialog.Tpo $(DEPDIR)/krb5_auth_dialog-ka-dialog.Po +@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-dialog.c' object='krb5_auth_dialog-ka-dialog.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-dialog.o `test -f 'ka-dialog.c' || echo '$(srcdir)/'`ka-dialog.c + +krb5_auth_dialog-ka-dialog.obj: ka-dialog.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-dialog.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-dialog.Tpo -c -o krb5_auth_dialog-ka-dialog.obj `if test -f 'ka-dialog.c'; then $(CYGPATH_W) 'ka-dialog.c'; else $(CYGPATH_W) '$(srcdir)/ka-dialog.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-dialog.Tpo $(DEPDIR)/krb5_auth_dialog-ka-dialog.Po +@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-dialog.c' object='krb5_auth_dialog-ka-dialog.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-dialog.obj `if test -f 'ka-dialog.c'; then $(CYGPATH_W) 'ka-dialog.c'; else $(CYGPATH_W) '$(srcdir)/ka-dialog.c'; fi` + +krb5_auth_dialog-ka-applet.o: ka-applet.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-applet.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-applet.Tpo -c -o krb5_auth_dialog-ka-applet.o `test -f 'ka-applet.c' || echo '$(srcdir)/'`ka-applet.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-applet.Tpo $(DEPDIR)/krb5_auth_dialog-ka-applet.Po +@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-applet.c' object='krb5_auth_dialog-ka-applet.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-applet.o `test -f 'ka-applet.c' || echo '$(srcdir)/'`ka-applet.c + +krb5_auth_dialog-ka-applet.obj: ka-applet.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-applet.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-applet.Tpo -c -o krb5_auth_dialog-ka-applet.obj `if test -f 'ka-applet.c'; then $(CYGPATH_W) 'ka-applet.c'; else $(CYGPATH_W) '$(srcdir)/ka-applet.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-applet.Tpo $(DEPDIR)/krb5_auth_dialog-ka-applet.Po +@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-applet.c' object='krb5_auth_dialog-ka-applet.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-applet.obj `if test -f 'ka-applet.c'; then $(CYGPATH_W) 'ka-applet.c'; else $(CYGPATH_W) '$(srcdir)/ka-applet.c'; fi` + +krb5_auth_dialog-ka-pwdialog.o: ka-pwdialog.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-pwdialog.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-pwdialog.Tpo -c -o krb5_auth_dialog-ka-pwdialog.o `test -f 'ka-pwdialog.c' || echo '$(srcdir)/'`ka-pwdialog.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-pwdialog.Tpo $(DEPDIR)/krb5_auth_dialog-ka-pwdialog.Po +@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-pwdialog.c' object='krb5_auth_dialog-ka-pwdialog.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-pwdialog.o `test -f 'ka-pwdialog.c' || echo '$(srcdir)/'`ka-pwdialog.c + +krb5_auth_dialog-ka-pwdialog.obj: ka-pwdialog.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-pwdialog.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-pwdialog.Tpo -c -o krb5_auth_dialog-ka-pwdialog.obj `if test -f 'ka-pwdialog.c'; then $(CYGPATH_W) 'ka-pwdialog.c'; else $(CYGPATH_W) '$(srcdir)/ka-pwdialog.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-pwdialog.Tpo $(DEPDIR)/krb5_auth_dialog-ka-pwdialog.Po +@am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-pwdialog.c' object='krb5_auth_dialog-ka-pwdialog.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-pwdialog.obj `if test -f 'ka-pwdialog.c'; then $(CYGPATH_W) 'ka-pwdialog.c'; else $(CYGPATH_W) '$(srcdir)/ka-pwdialog.c'; fi` + +krb5_auth_dialog-ka-gconf.o: ka-gconf.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-gconf.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-gconf.Tpo -c -o krb5_auth_dialog-ka-gconf.o `test -f 'ka-gconf.c' || echo '$(srcdir)/'`ka-gconf.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-gconf.Tpo $(DEPDIR)/krb5_auth_dialog-ka-gconf.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-dialog.c' object='krb5_auth_dialog-krb5-auth-dialog.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-gconf.c' object='krb5_auth_dialog-ka-gconf.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-dialog.o `test -f 'krb5-auth-dialog.c' || echo '$(srcdir)/'`krb5-auth-dialog.c +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-gconf.o `test -f 'ka-gconf.c' || echo '$(srcdir)/'`ka-gconf.c -krb5_auth_dialog-krb5-auth-dialog.obj: krb5-auth-dialog.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-dialog.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-dialog.Tpo -c -o krb5_auth_dialog-krb5-auth-dialog.obj `if test -f 'krb5-auth-dialog.c'; then $(CYGPATH_W) 'krb5-auth-dialog.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-dialog.c'; fi` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-dialog.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-dialog.Po +krb5_auth_dialog-ka-gconf.obj: ka-gconf.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-gconf.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-gconf.Tpo -c -o krb5_auth_dialog-ka-gconf.obj `if test -f 'ka-gconf.c'; then $(CYGPATH_W) 'ka-gconf.c'; else $(CYGPATH_W) '$(srcdir)/ka-gconf.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-gconf.Tpo $(DEPDIR)/krb5_auth_dialog-ka-gconf.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-dialog.c' object='krb5_auth_dialog-krb5-auth-dialog.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-gconf.c' object='krb5_auth_dialog-ka-gconf.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-dialog.obj `if test -f 'krb5-auth-dialog.c'; then $(CYGPATH_W) 'krb5-auth-dialog.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-dialog.c'; fi` +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-gconf.obj `if test -f 'ka-gconf.c'; then $(CYGPATH_W) 'ka-gconf.c'; else $(CYGPATH_W) '$(srcdir)/ka-gconf.c'; fi` -krb5_auth_dialog-krb5-auth-applet.o: krb5-auth-applet.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-applet.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-applet.Tpo -c -o krb5_auth_dialog-krb5-auth-applet.o `test -f 'krb5-auth-applet.c' || echo '$(srcdir)/'`krb5-auth-applet.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-applet.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-applet.Po +krb5_auth_dialog-ka-gconf-tools.o: ka-gconf-tools.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-gconf-tools.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-gconf-tools.Tpo -c -o krb5_auth_dialog-ka-gconf-tools.o `test -f 'ka-gconf-tools.c' || echo '$(srcdir)/'`ka-gconf-tools.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-gconf-tools.Tpo $(DEPDIR)/krb5_auth_dialog-ka-gconf-tools.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-applet.c' object='krb5_auth_dialog-krb5-auth-applet.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-gconf-tools.c' object='krb5_auth_dialog-ka-gconf-tools.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-applet.o `test -f 'krb5-auth-applet.c' || echo '$(srcdir)/'`krb5-auth-applet.c +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-gconf-tools.o `test -f 'ka-gconf-tools.c' || echo '$(srcdir)/'`ka-gconf-tools.c -krb5_auth_dialog-krb5-auth-applet.obj: krb5-auth-applet.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-applet.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-applet.Tpo -c -o krb5_auth_dialog-krb5-auth-applet.obj `if test -f 'krb5-auth-applet.c'; then $(CYGPATH_W) 'krb5-auth-applet.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-applet.c'; fi` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-applet.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-applet.Po +krb5_auth_dialog-ka-gconf-tools.obj: ka-gconf-tools.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-gconf-tools.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-gconf-tools.Tpo -c -o krb5_auth_dialog-ka-gconf-tools.obj `if test -f 'ka-gconf-tools.c'; then $(CYGPATH_W) 'ka-gconf-tools.c'; else $(CYGPATH_W) '$(srcdir)/ka-gconf-tools.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-gconf-tools.Tpo $(DEPDIR)/krb5_auth_dialog-ka-gconf-tools.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-applet.c' object='krb5_auth_dialog-krb5-auth-applet.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-gconf-tools.c' object='krb5_auth_dialog-ka-gconf-tools.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-applet.obj `if test -f 'krb5-auth-applet.c'; then $(CYGPATH_W) 'krb5-auth-applet.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-applet.c'; fi` +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-gconf-tools.obj `if test -f 'ka-gconf-tools.c'; then $(CYGPATH_W) 'ka-gconf-tools.c'; else $(CYGPATH_W) '$(srcdir)/ka-gconf-tools.c'; fi` -krb5_auth_dialog-krb5-auth-pwdialog.o: krb5-auth-pwdialog.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-pwdialog.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-pwdialog.Tpo -c -o krb5_auth_dialog-krb5-auth-pwdialog.o `test -f 'krb5-auth-pwdialog.c' || echo '$(srcdir)/'`krb5-auth-pwdialog.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-pwdialog.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-pwdialog.Po +krb5_auth_dialog-ka-dbus.o: ka-dbus.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-dbus.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-dbus.Tpo -c -o krb5_auth_dialog-ka-dbus.o `test -f 'ka-dbus.c' || echo '$(srcdir)/'`ka-dbus.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-dbus.Tpo $(DEPDIR)/krb5_auth_dialog-ka-dbus.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-pwdialog.c' object='krb5_auth_dialog-krb5-auth-pwdialog.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-dbus.c' object='krb5_auth_dialog-ka-dbus.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-pwdialog.o `test -f 'krb5-auth-pwdialog.c' || echo '$(srcdir)/'`krb5-auth-pwdialog.c +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-dbus.o `test -f 'ka-dbus.c' || echo '$(srcdir)/'`ka-dbus.c -krb5_auth_dialog-krb5-auth-pwdialog.obj: krb5-auth-pwdialog.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-pwdialog.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-pwdialog.Tpo -c -o krb5_auth_dialog-krb5-auth-pwdialog.obj `if test -f 'krb5-auth-pwdialog.c'; then $(CYGPATH_W) 'krb5-auth-pwdialog.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-pwdialog.c'; fi` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-pwdialog.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-pwdialog.Po +krb5_auth_dialog-ka-dbus.obj: ka-dbus.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-dbus.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-dbus.Tpo -c -o krb5_auth_dialog-ka-dbus.obj `if test -f 'ka-dbus.c'; then $(CYGPATH_W) 'ka-dbus.c'; else $(CYGPATH_W) '$(srcdir)/ka-dbus.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-dbus.Tpo $(DEPDIR)/krb5_auth_dialog-ka-dbus.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-pwdialog.c' object='krb5_auth_dialog-krb5-auth-pwdialog.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-dbus.c' object='krb5_auth_dialog-ka-dbus.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-pwdialog.obj `if test -f 'krb5-auth-pwdialog.c'; then $(CYGPATH_W) 'krb5-auth-pwdialog.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-pwdialog.c'; fi` +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-dbus.obj `if test -f 'ka-dbus.c'; then $(CYGPATH_W) 'ka-dbus.c'; else $(CYGPATH_W) '$(srcdir)/ka-dbus.c'; fi` -krb5_auth_dialog-krb5-auth-gconf.o: krb5-auth-gconf.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-gconf.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf.Tpo -c -o krb5_auth_dialog-krb5-auth-gconf.o `test -f 'krb5-auth-gconf.c' || echo '$(srcdir)/'`krb5-auth-gconf.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf.Po +krb5_auth_dialog-ka-tools.o: ka-tools.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-tools.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-tools.Tpo -c -o krb5_auth_dialog-ka-tools.o `test -f 'ka-tools.c' || echo '$(srcdir)/'`ka-tools.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-tools.Tpo $(DEPDIR)/krb5_auth_dialog-ka-tools.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-gconf.c' object='krb5_auth_dialog-krb5-auth-gconf.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-tools.c' object='krb5_auth_dialog-ka-tools.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-gconf.o `test -f 'krb5-auth-gconf.c' || echo '$(srcdir)/'`krb5-auth-gconf.c +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-tools.o `test -f 'ka-tools.c' || echo '$(srcdir)/'`ka-tools.c -krb5_auth_dialog-krb5-auth-gconf.obj: krb5-auth-gconf.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-gconf.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf.Tpo -c -o krb5_auth_dialog-krb5-auth-gconf.obj `if test -f 'krb5-auth-gconf.c'; then $(CYGPATH_W) 'krb5-auth-gconf.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-gconf.c'; fi` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf.Po +krb5_auth_dialog-ka-tools.obj: ka-tools.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-tools.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-tools.Tpo -c -o krb5_auth_dialog-ka-tools.obj `if test -f 'ka-tools.c'; then $(CYGPATH_W) 'ka-tools.c'; else $(CYGPATH_W) '$(srcdir)/ka-tools.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-tools.Tpo $(DEPDIR)/krb5_auth_dialog-ka-tools.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-gconf.c' object='krb5_auth_dialog-krb5-auth-gconf.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-tools.c' object='krb5_auth_dialog-ka-tools.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-gconf.obj `if test -f 'krb5-auth-gconf.c'; then $(CYGPATH_W) 'krb5-auth-gconf.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-gconf.c'; fi` +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-tools.obj `if test -f 'ka-tools.c'; then $(CYGPATH_W) 'ka-tools.c'; else $(CYGPATH_W) '$(srcdir)/ka-tools.c'; fi` -krb5_auth_dialog-krb5-auth-gconf-tools.o: krb5-auth-gconf-tools.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-gconf-tools.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf-tools.Tpo -c -o krb5_auth_dialog-krb5-auth-gconf-tools.o `test -f 'krb5-auth-gconf-tools.c' || echo '$(srcdir)/'`krb5-auth-gconf-tools.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf-tools.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf-tools.Po +krb5_auth_dialog-ka-tickets.o: ka-tickets.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-tickets.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-tickets.Tpo -c -o krb5_auth_dialog-ka-tickets.o `test -f 'ka-tickets.c' || echo '$(srcdir)/'`ka-tickets.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-tickets.Tpo $(DEPDIR)/krb5_auth_dialog-ka-tickets.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-gconf-tools.c' object='krb5_auth_dialog-krb5-auth-gconf-tools.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-tickets.c' object='krb5_auth_dialog-ka-tickets.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-gconf-tools.o `test -f 'krb5-auth-gconf-tools.c' || echo '$(srcdir)/'`krb5-auth-gconf-tools.c +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-tickets.o `test -f 'ka-tickets.c' || echo '$(srcdir)/'`ka-tickets.c -krb5_auth_dialog-krb5-auth-gconf-tools.obj: krb5-auth-gconf-tools.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-gconf-tools.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf-tools.Tpo -c -o krb5_auth_dialog-krb5-auth-gconf-tools.obj `if test -f 'krb5-auth-gconf-tools.c'; then $(CYGPATH_W) 'krb5-auth-gconf-tools.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-gconf-tools.c'; fi` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf-tools.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-gconf-tools.Po +krb5_auth_dialog-ka-tickets.obj: ka-tickets.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-tickets.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-tickets.Tpo -c -o krb5_auth_dialog-ka-tickets.obj `if test -f 'ka-tickets.c'; then $(CYGPATH_W) 'ka-tickets.c'; else $(CYGPATH_W) '$(srcdir)/ka-tickets.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-tickets.Tpo $(DEPDIR)/krb5_auth_dialog-ka-tickets.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-gconf-tools.c' object='krb5_auth_dialog-krb5-auth-gconf-tools.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-tickets.c' object='krb5_auth_dialog-ka-tickets.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-gconf-tools.obj `if test -f 'krb5-auth-gconf-tools.c'; then $(CYGPATH_W) 'krb5-auth-gconf-tools.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-gconf-tools.c'; fi` +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-tickets.obj `if test -f 'ka-tickets.c'; then $(CYGPATH_W) 'ka-tickets.c'; else $(CYGPATH_W) '$(srcdir)/ka-tickets.c'; fi` -krb5_auth_dialog-krb5-auth-dbus.o: krb5-auth-dbus.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-dbus.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-dbus.Tpo -c -o krb5_auth_dialog-krb5-auth-dbus.o `test -f 'krb5-auth-dbus.c' || echo '$(srcdir)/'`krb5-auth-dbus.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-dbus.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-dbus.Po +krb5_auth_dialog-ka-plugin.o: ka-plugin.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-plugin.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-plugin.Tpo -c -o krb5_auth_dialog-ka-plugin.o `test -f 'ka-plugin.c' || echo '$(srcdir)/'`ka-plugin.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-plugin.Tpo $(DEPDIR)/krb5_auth_dialog-ka-plugin.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-dbus.c' object='krb5_auth_dialog-krb5-auth-dbus.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-plugin.c' object='krb5_auth_dialog-ka-plugin.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-dbus.o `test -f 'krb5-auth-dbus.c' || echo '$(srcdir)/'`krb5-auth-dbus.c +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-plugin.o `test -f 'ka-plugin.c' || echo '$(srcdir)/'`ka-plugin.c -krb5_auth_dialog-krb5-auth-dbus.obj: krb5-auth-dbus.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-dbus.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-dbus.Tpo -c -o krb5_auth_dialog-krb5-auth-dbus.obj `if test -f 'krb5-auth-dbus.c'; then $(CYGPATH_W) 'krb5-auth-dbus.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-dbus.c'; fi` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-dbus.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-dbus.Po +krb5_auth_dialog-ka-plugin.obj: ka-plugin.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-plugin.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-plugin.Tpo -c -o krb5_auth_dialog-ka-plugin.obj `if test -f 'ka-plugin.c'; then $(CYGPATH_W) 'ka-plugin.c'; else $(CYGPATH_W) '$(srcdir)/ka-plugin.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-plugin.Tpo $(DEPDIR)/krb5_auth_dialog-ka-plugin.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-dbus.c' object='krb5_auth_dialog-krb5-auth-dbus.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-plugin.c' object='krb5_auth_dialog-ka-plugin.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-dbus.obj `if test -f 'krb5-auth-dbus.c'; then $(CYGPATH_W) 'krb5-auth-dbus.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-dbus.c'; fi` +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-plugin.obj `if test -f 'ka-plugin.c'; then $(CYGPATH_W) 'ka-plugin.c'; else $(CYGPATH_W) '$(srcdir)/ka-plugin.c'; fi` -krb5_auth_dialog-krb5-auth-tools.o: krb5-auth-tools.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-tools.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-tools.Tpo -c -o krb5_auth_dialog-krb5-auth-tools.o `test -f 'krb5-auth-tools.c' || echo '$(srcdir)/'`krb5-auth-tools.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-tools.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-tools.Po +krb5_auth_dialog-ka-plugin-loader.o: ka-plugin-loader.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-plugin-loader.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-plugin-loader.Tpo -c -o krb5_auth_dialog-ka-plugin-loader.o `test -f 'ka-plugin-loader.c' || echo '$(srcdir)/'`ka-plugin-loader.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-plugin-loader.Tpo $(DEPDIR)/krb5_auth_dialog-ka-plugin-loader.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-tools.c' object='krb5_auth_dialog-krb5-auth-tools.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-plugin-loader.c' object='krb5_auth_dialog-ka-plugin-loader.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-tools.o `test -f 'krb5-auth-tools.c' || echo '$(srcdir)/'`krb5-auth-tools.c +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-plugin-loader.o `test -f 'ka-plugin-loader.c' || echo '$(srcdir)/'`ka-plugin-loader.c -krb5_auth_dialog-krb5-auth-tools.obj: krb5-auth-tools.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-tools.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-tools.Tpo -c -o krb5_auth_dialog-krb5-auth-tools.obj `if test -f 'krb5-auth-tools.c'; then $(CYGPATH_W) 'krb5-auth-tools.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-tools.c'; fi` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-tools.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-tools.Po +krb5_auth_dialog-ka-plugin-loader.obj: ka-plugin-loader.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-plugin-loader.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-plugin-loader.Tpo -c -o krb5_auth_dialog-ka-plugin-loader.obj `if test -f 'ka-plugin-loader.c'; then $(CYGPATH_W) 'ka-plugin-loader.c'; else $(CYGPATH_W) '$(srcdir)/ka-plugin-loader.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-plugin-loader.Tpo $(DEPDIR)/krb5_auth_dialog-ka-plugin-loader.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-tools.c' object='krb5_auth_dialog-krb5-auth-tools.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-plugin-loader.c' object='krb5_auth_dialog-ka-plugin-loader.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-tools.obj `if test -f 'krb5-auth-tools.c'; then $(CYGPATH_W) 'krb5-auth-tools.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-tools.c'; fi` +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-plugin-loader.obj `if test -f 'ka-plugin-loader.c'; then $(CYGPATH_W) 'ka-plugin-loader.c'; else $(CYGPATH_W) '$(srcdir)/ka-plugin-loader.c'; fi` -krb5_auth_dialog-krb5-auth-tickets.o: krb5-auth-tickets.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-tickets.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-tickets.Tpo -c -o krb5_auth_dialog-krb5-auth-tickets.o `test -f 'krb5-auth-tickets.c' || echo '$(srcdir)/'`krb5-auth-tickets.c -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-tickets.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-tickets.Po +krb5_auth_dialog-ka-closures.o: ka-closures.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-closures.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-closures.Tpo -c -o krb5_auth_dialog-ka-closures.o `test -f 'ka-closures.c' || echo '$(srcdir)/'`ka-closures.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-closures.Tpo $(DEPDIR)/krb5_auth_dialog-ka-closures.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-tickets.c' object='krb5_auth_dialog-krb5-auth-tickets.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-closures.c' object='krb5_auth_dialog-ka-closures.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-tickets.o `test -f 'krb5-auth-tickets.c' || echo '$(srcdir)/'`krb5-auth-tickets.c +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-closures.o `test -f 'ka-closures.c' || echo '$(srcdir)/'`ka-closures.c -krb5_auth_dialog-krb5-auth-tickets.obj: krb5-auth-tickets.c -@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-krb5-auth-tickets.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-krb5-auth-tickets.Tpo -c -o krb5_auth_dialog-krb5-auth-tickets.obj `if test -f 'krb5-auth-tickets.c'; then $(CYGPATH_W) 'krb5-auth-tickets.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-tickets.c'; fi` -@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-krb5-auth-tickets.Tpo $(DEPDIR)/krb5_auth_dialog-krb5-auth-tickets.Po +krb5_auth_dialog-ka-closures.obj: ka-closures.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-ka-closures.obj -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-ka-closures.Tpo -c -o krb5_auth_dialog-ka-closures.obj `if test -f 'ka-closures.c'; then $(CYGPATH_W) 'ka-closures.c'; else $(CYGPATH_W) '$(srcdir)/ka-closures.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/krb5_auth_dialog-ka-closures.Tpo $(DEPDIR)/krb5_auth_dialog-ka-closures.Po @am__fastdepCC_FALSE@ $(AM_V_CC) @AM_BACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='krb5-auth-tickets.c' object='krb5_auth_dialog-krb5-auth-tickets.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ka-closures.c' object='krb5_auth_dialog-ka-closures.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-krb5-auth-tickets.obj `if test -f 'krb5-auth-tickets.c'; then $(CYGPATH_W) 'krb5-auth-tickets.c'; else $(CYGPATH_W) '$(srcdir)/krb5-auth-tickets.c'; fi` +@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -c -o krb5_auth_dialog-ka-closures.obj `if test -f 'ka-closures.c'; then $(CYGPATH_W) 'ka-closures.c'; else $(CYGPATH_W) '$(srcdir)/ka-closures.c'; fi` krb5_auth_dialog-dummy-strings.o: dummy-strings.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(krb5_auth_dialog_CPPFLAGS) $(CPPFLAGS) $(krb5_auth_dialog_CFLAGS) $(CFLAGS) -MT krb5_auth_dialog-dummy-strings.o -MD -MP -MF $(DEPDIR)/krb5_auth_dialog-dummy-strings.Tpo -c -o krb5_auth_dialog-dummy-strings.o `test -f 'dummy-strings.c' || echo '$(srcdir)/'`dummy-strings.c @@ -1030,7 +1098,7 @@ uninstall-man: uninstall-man1 $(service_DATA): $(service_in_files) Makefile sed -e "s|\@BINDIR\@|$(bindir)|" $< > $@ -krb5-auth-applet-dbus-glue.h: $(srcdir)/krb5-auth-applet-dbus.xml +ka-dbus-glue.h: $(srcdir)/ka-dbus.xml dbus-binding-tool \ --mode=glib-server \ --prefix=krb5_auth_dialog \ diff --git a/src/ka-applet-priv.h b/src/ka-applet-priv.h new file mode 100644 index 0000000..7e240a7 --- /dev/null +++ b/src/ka-applet-priv.h @@ -0,0 +1,72 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2008,2010 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +/* "Private" header - functions not exported to plugins */ + +#ifndef KA_APPLET_PRIV_H +#define KA_APPLET_PRIV_H + +#include +#include +#include +#include + +#include "config.h" +#include "ka-applet.h" +#include "ka-pwdialog.h" + +G_BEGIN_DECLS + +#define KA_NAME _("Network Authentication") + +/* signals emitted by KaApplet */ +typedef enum { + KA_SIGNAL_ACQUIRED_TGT, /* New TGT acquired */ + KA_SIGNAL_RENEWED_TGT, /* TGT got renewed */ + KA_SIGNAL_EXPIRED_TGT, /* TGT expired or ticket cache got destroyed */ + KA_SIGNAL_COUNT +} KaAppletSignalNumber; + +/* public functions */ +gboolean ka_applet_get_show_trayicon(const KaApplet* applet); +void ka_applet_set_tgt_renewable(KaApplet* applet, gboolean renewable); +gboolean ka_applet_get_tgt_renewable(const KaApplet* applet); +guint ka_applet_get_pw_prompt_secs(const KaApplet* applet); +KaPwDialog* ka_applet_get_pwdialog(const KaApplet* applet); +GConfClient* ka_applet_get_gconf_client(const KaApplet* applet); +void ka_applet_signal_emit(KaApplet* applet, KaAppletSignalNumber signum, + krb5_timestamp expiry); + +/* create the applet */ +KaApplet* ka_applet_create(void); +/* update tooltip and icon */ +int ka_applet_update_status(KaApplet* applet, krb5_timestamp expiry); + +G_END_DECLS + +#ifdef ENABLE_DEBUG +#define KA_DEBUG(fmt,...) \ + g_printf ("DEBUG: %s: " fmt "\n", __func__, ##__VA_ARGS__) +#else +#define KA_DEBUG(fmt,...) \ + do { } while (0) +#endif /* !ENABLE_DEBUG */ + +#endif diff --git a/src/ka-applet.c b/src/ka-applet.c new file mode 100644 index 0000000..472f4f5 --- /dev/null +++ b/src/ka-applet.c @@ -0,0 +1,942 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2008,2009,2010 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#include "config.h" + +#include + +#include "ka-applet-priv.h" +#include "ka-dialog.h" +#include "ka-gconf-tools.h" +#include "ka-gconf.h" +#include "ka-tools.h" +#include "ka-tickets.h" +#include "ka-plugin-loader.h" +#include "ka-closures.h" +#ifdef HAVE_LIBNOTIFY +#include +#endif + +#define NOTIFY_SECONDS 300 + +enum ka_icon { + inv_icon = 0, + exp_icon, + val_icon, +}; + +enum +{ + KA_PROP_0 = 0, + KA_PROP_PRINCIPAL, + KA_PROP_PK_USERID, + KA_PROP_PK_ANCHORS, + KA_PROP_TRAYICON, + KA_PROP_PW_PROMPT_MINS, + KA_PROP_TGT_FORWARDABLE, + KA_PROP_TGT_PROXIABLE, + KA_PROP_TGT_RENEWABLE, +}; + +struct _KaApplet { + GObject parent; + + KaAppletPrivate *priv; +}; + +struct _KaAppletClass { + GObjectClass parent; + + guint signals [KA_SIGNAL_COUNT]; +}; + +G_DEFINE_TYPE(KaApplet, ka_applet, G_TYPE_OBJECT); + +struct _KaAppletPrivate +{ + GtkBuilder *uixml; + GtkStatusIcon* tray_icon; /* the tray icon */ + GtkWidget* context_menu; /* the tray icon's context menu */ + const char* icons[3]; /* for invalid, expiring and valid tickts */ + gboolean show_trayicon; /* show the trayicon */ + + KaPwDialog *pwdialog; /* the password dialog */ + int pw_prompt_secs; /* when to start prompting for a password */ + KaPluginLoader *loader; /* Plugin loader */ + +#ifdef HAVE_LIBNOTIFY + NotifyNotification* notification;/* notification messages */ +#endif /* HAVE_LIBNOTIFY */ + const char* notify_gconf_key; /* disable notification gconf key */ + char* principal; /* the principal to request */ + gboolean renewable; /* credentials renewable? */ + char* pk_userid; /* "userid" for pkint */ + char* pk_anchors; /* trust anchors for pkint */ + gboolean tgt_forwardable; /* request a forwardable ticket */ + gboolean tgt_renewable; /* request a renewable ticket */ + gboolean tgt_proxiable; /* request a proxiable ticket */ + + GConfClient *gconf; /* gconf client */ +}; + +static void +ka_applet_set_property (GObject *object, + guint property_id, + const GValue *value, + GParamSpec *pspec) +{ + KaApplet* self = KA_APPLET (object); + + switch (property_id) { + case KA_PROP_PRINCIPAL: + g_free (self->priv->principal); + self->priv->principal = g_value_dup_string (value); + KA_DEBUG ("%s: %s", pspec->name, self->priv->principal); + break; + + case KA_PROP_PK_USERID: + g_free (self->priv->pk_userid); + self->priv->pk_userid = g_value_dup_string (value); + KA_DEBUG ("%s: %s", pspec->name, self->priv->pk_userid); + break; + + case KA_PROP_PK_ANCHORS: + g_free (self->priv->pk_anchors); + self->priv->pk_anchors = g_value_dup_string (value); + KA_DEBUG ("%s: %s", pspec->name, self->priv->pk_anchors); + break; + + case KA_PROP_TRAYICON: + self->priv->show_trayicon = g_value_get_boolean (value); + KA_DEBUG ("%s: %s", pspec->name, self->priv->show_trayicon ? "True" : "False"); + break; + + case KA_PROP_PW_PROMPT_MINS: + self->priv->pw_prompt_secs = g_value_get_uint (value) * 60; + KA_DEBUG ("%s: %d", pspec->name, self->priv->pw_prompt_secs/60); + break; + + case KA_PROP_TGT_FORWARDABLE: + self->priv->tgt_forwardable = g_value_get_boolean (value); + KA_DEBUG ("%s: %s", pspec->name, self->priv->tgt_forwardable ? "True" : "False"); + break; + + case KA_PROP_TGT_PROXIABLE: + self->priv->tgt_proxiable = g_value_get_boolean (value); + KA_DEBUG ("%s: %s", pspec->name, self->priv->tgt_proxiable ? "True" : "False"); + break; + + case KA_PROP_TGT_RENEWABLE: + self->priv->tgt_renewable = g_value_get_boolean (value); + KA_DEBUG ("%s: %s", pspec->name, self->priv->tgt_renewable ? "True" : "False"); + break; + + default: + /* We don't have any other property... */ + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec); + break; + } +} + +static void +ka_applet_get_property (GObject *object, + guint property_id, + GValue *value, + GParamSpec *pspec) +{ + KaApplet *self = KA_APPLET (object); + + switch (property_id) + { + case KA_PROP_PRINCIPAL: + g_value_set_string (value, self->priv->principal); + break; + + case KA_PROP_PK_USERID: + g_value_set_string (value, self->priv->pk_userid); + break; + + case KA_PROP_PK_ANCHORS: + g_value_set_string (value, self->priv->pk_anchors); + break; + + case KA_PROP_TRAYICON: + g_value_set_boolean (value, self->priv->show_trayicon); + break; + + case KA_PROP_PW_PROMPT_MINS: + g_value_set_uint (value, self->priv->pw_prompt_secs / 60); + break; + + case KA_PROP_TGT_FORWARDABLE: + g_value_set_boolean (value, self->priv->tgt_forwardable); + break; + + case KA_PROP_TGT_PROXIABLE: + g_value_set_boolean (value, self->priv->tgt_proxiable); + break; + + case KA_PROP_TGT_RENEWABLE: + g_value_set_boolean (value, self->priv->tgt_renewable); + break; + + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec); + break; + } +} + + +static void +ka_applet_dispose(GObject* object) +{ + KaApplet* applet = KA_APPLET(object); + GObjectClass *parent_class = G_OBJECT_CLASS (ka_applet_parent_class); + + if (applet->priv->tray_icon) { + g_object_unref(applet->priv->tray_icon); + applet->priv->tray_icon = NULL; + } + if (applet->priv->pwdialog) { + g_object_unref(applet->priv->pwdialog); + applet->priv->pwdialog = NULL; + } + if (applet->priv->uixml) { + g_object_unref(applet->priv->uixml); + applet->priv->uixml = NULL; + } + if (applet->priv->loader) { + g_object_unref(applet->priv->loader); + applet->priv->loader = NULL; + } + + if (parent_class->dispose != NULL) + parent_class->dispose (object); +} + + +static void +ka_applet_finalize(GObject *object) +{ + KaApplet* applet = KA_APPLET(object); + GObjectClass *parent_class = G_OBJECT_CLASS (ka_applet_parent_class); + + g_free (applet->priv->principal); + g_free (applet->priv->pk_userid); + g_free (applet->priv->pk_anchors); + /* no need to free applet->priv */ + + if (parent_class->finalize != NULL) + parent_class->finalize (object); +} + +static void +ka_applet_init(KaApplet *applet) +{ + applet->priv = G_TYPE_INSTANCE_GET_PRIVATE(applet, + KA_TYPE_APPLET, + KaAppletPrivate); +} + +static void +ka_applet_class_init(KaAppletClass *klass) +{ + GObjectClass *object_class = G_OBJECT_CLASS(klass); + GParamSpec *pspec; + const gchar *signalNames [ KA_SIGNAL_COUNT ] = { + "krb-tgt-acquired", + "krb-tgt-renewed", + "krb-tgt-expired"}; + int i; + + object_class->dispose = ka_applet_dispose; + object_class->finalize = ka_applet_finalize; + g_type_class_add_private(klass, sizeof(KaAppletPrivate)); + + object_class->set_property = ka_applet_set_property; + object_class->get_property = ka_applet_get_property; + + pspec = g_param_spec_string ("principal", + "Principal", + "Get/Set Kerberos principal", + "", + G_PARAM_CONSTRUCT | G_PARAM_READWRITE); + g_object_class_install_property (object_class, + KA_PROP_PRINCIPAL, + pspec); + + pspec = g_param_spec_string ("pk-userid", + "PKinit identifier", + "Get/Set Pkinit identifier", + "", + G_PARAM_CONSTRUCT | G_PARAM_READWRITE); + g_object_class_install_property (object_class, + KA_PROP_PK_USERID, + pspec); + + pspec = g_param_spec_string ("pk-anchors", + "PKinit trust anchors", + "Get/Set Pkinit trust anchors", + "", + G_PARAM_CONSTRUCT | G_PARAM_READWRITE); + g_object_class_install_property (object_class, + KA_PROP_PK_ANCHORS, + pspec); + + pspec = g_param_spec_boolean("show-trayicon", + "Show tray icon", + "Show/Hide the tray icon", + TRUE, + G_PARAM_CONSTRUCT | G_PARAM_READWRITE); + g_object_class_install_property (object_class, + KA_PROP_TRAYICON, + pspec); + + pspec = g_param_spec_uint ("pw-prompt-mins", + "Password prompting interval", + "Password prompting interval in minutes", + 0, G_MAXUINT, MINUTES_BEFORE_PROMPTING, + G_PARAM_CONSTRUCT | G_PARAM_READWRITE); + g_object_class_install_property (object_class, + KA_PROP_PW_PROMPT_MINS, + pspec); + + pspec = g_param_spec_boolean("tgt-forwardable", + "Forwardable ticket", + "wether to request forwardable tickets", + FALSE, + G_PARAM_CONSTRUCT | G_PARAM_READWRITE); + g_object_class_install_property (object_class, + KA_PROP_TGT_FORWARDABLE, + pspec); + + pspec = g_param_spec_boolean("tgt-proxiable", + "Proxiable ticket", + "wether to request proxiable tickets", + FALSE, + G_PARAM_CONSTRUCT | G_PARAM_READWRITE); + g_object_class_install_property (object_class, + KA_PROP_TGT_PROXIABLE, + pspec); + + pspec = g_param_spec_boolean("tgt-renewable", + "Renewable ticket", + "wether to request renewable tickets", + FALSE, + G_PARAM_CONSTRUCT | G_PARAM_READWRITE); + g_object_class_install_property (object_class, + KA_PROP_TGT_RENEWABLE, + pspec); + + for (i = 0; i < KA_SIGNAL_COUNT ; i++) { + guint signalId; + signalId = + g_signal_new ( signalNames [i], + G_OBJECT_CLASS_TYPE ( klass ), + G_SIGNAL_RUN_LAST, + 0, + NULL, + NULL, + ka_closure_VOID__STRING_UINT, + G_TYPE_NONE, + 2, /* number of parameters */ + G_TYPE_STRING, + G_TYPE_UINT); + klass->signals [i] = signalId ; + } +} + + +static KaApplet* +ka_applet_new(void) +{ + return g_object_new (KA_TYPE_APPLET, NULL); +} + + +/* determine the new tooltip text */ +static char* +ka_applet_tooltip_text(int remaining) +{ + int hours, minutes; + gchar* tooltip_text; + + if (remaining > 0) { + if (remaining >= 3600) { + hours = remaining / 3600; + minutes = (remaining % 3600) / 60; + /* Translators: First number is hours, second number is minutes */ + tooltip_text = g_strdup_printf (_("Your credentials expire in %.2d:%.2dh"), hours, minutes); + } else { + minutes = remaining / 60; + tooltip_text = g_strdup_printf (ngettext( + "Your credentials expire in %d minute", + "Your credentials expire in %d minutes", + minutes), minutes); + } + } else + tooltip_text = g_strdup (_("Your credentials have expired")); + return tooltip_text; +} + + +/* determine the current icon */ +static const char* +ka_applet_select_icon(KaApplet* applet, int remaining) +{ + enum ka_icon tray_icon = inv_icon; + + if (remaining > 0) { + if (remaining < applet->priv->pw_prompt_secs && + !applet->priv->renewable) + tray_icon = exp_icon; + else + tray_icon = val_icon; + } + + return applet->priv->icons[tray_icon]; +} + + +#ifdef HAVE_LIBNOTIFY +static gboolean +ka_show_notification (KaApplet *applet) +{ + /* wait for the panel to be settled before showing a bubble */ + if (gtk_status_icon_is_embedded (applet->priv->tray_icon)) { + GError *error = NULL; + gboolean ret; + + ret = notify_notification_show (applet->priv->notification, &error); + if (!ret) { + g_assert (error); + g_assert (error->message); + g_warning ("Failed to show notification: %s", error->message); + g_clear_error (&error); + } + } else { + g_timeout_add_seconds (5, (GSourceFunc)ka_show_notification, applet); + } + return FALSE; +} + + +static void +ka_notify_action_cb (NotifyNotification *notification G_GNUC_UNUSED, + gchar *action, gpointer user_data) +{ + KaApplet *self = KA_APPLET (user_data); + + if (strcmp (action, "dont-show-again") == 0) { + KA_DEBUG ("turning of notification %s", self->priv->notify_gconf_key); + ka_gconf_set_bool (self->priv->gconf, + self->priv->notify_gconf_key, + FALSE); + self->priv->notify_gconf_key = NULL; + } else { + g_warning("unkonwn action for callback"); + } +} + + +static void +ka_send_event_notification (KaApplet *applet, + const char *summary, + const char *message, + const char *icon, + const char *action) +{ + const char *notify_icon; + + g_return_if_fail (applet != NULL); + g_return_if_fail (summary != NULL); + g_return_if_fail (message != NULL); + + if (!notify_is_initted ()) + notify_init (PACKAGE); + + if (applet->priv->notification != NULL) { + notify_notification_close (applet->priv->notification, NULL); + g_object_unref (applet->priv->notification); + } + + notify_icon = icon ? icon : "krb-valid-ticket"; + + applet->priv->notification = \ + notify_notification_new_with_status_icon(summary, + message, + notify_icon, + applet->priv->tray_icon); + + notify_notification_set_urgency (applet->priv->notification, NOTIFY_URGENCY_NORMAL); + notify_notification_add_action (applet->priv->notification, + action, + _("Don't show me this again"), + (NotifyActionCallback) ka_notify_action_cb, + applet, NULL); + ka_show_notification (applet); +} +#else +static void +ka_send_event_notification (KaApplet *applet G_GNUC_UNUSED, + const char *summary G_GNUC_UNUSED, + const char *message G_GNUC_UNUSED, + const char *icon G_GNUC_UNUSED, + const char *action G_GNUC_UNUSED) +{ +} +#endif /* ! HAVE_LIBNOTIFY */ + + +/* + * update the tray icon's tooltip and icon + * and notify listeners about acquired/expiring tickets via signals + */ +int +ka_applet_update_status(KaApplet* applet, krb5_timestamp expiry) +{ + int now = time(0); + int remaining = expiry - now; + static int last_warn = 0; + static gboolean expiry_notified = FALSE; + static krb5_timestamp old_expiry = 0; + gboolean notify = TRUE; + const char* tray_icon = ka_applet_select_icon (applet, remaining); + char* tooltip_text = ka_applet_tooltip_text (remaining); + + + if (remaining > 0) { + if (expiry_notified) { + ka_gconf_get_bool(applet->priv->gconf, + KA_GCONF_KEY_NOTIFY_VALID, + ¬ify); + if (notify) { + applet->priv->notify_gconf_key = KA_GCONF_KEY_NOTIFY_VALID; + ka_send_event_notification (applet, + _("Network credentials valid"), + _("You've refreshed your Kerberos credentials."), + "krb-valid-ticket", + "dont-show-again"); + } + ka_applet_signal_emit (applet, KA_SIGNAL_ACQUIRED_TGT, expiry); + expiry_notified = FALSE; + } else { + if (remaining < applet->priv->pw_prompt_secs + && (now - last_warn) > NOTIFY_SECONDS + && !applet->priv->renewable) { + ka_gconf_get_bool(applet->priv->gconf, + KA_GCONF_KEY_NOTIFY_EXPIRING, + ¬ify); + if (notify) { + applet->priv->notify_gconf_key = KA_GCONF_KEY_NOTIFY_EXPIRING; + ka_send_event_notification (applet, + _("Network credentials expiring"), + tooltip_text, + "krb-expiring-ticket", + "dont-show-again"); + } + last_warn = now; + } + /* ticket lifetime got longer e.g. by kinit -R */ + if (old_expiry && expiry > old_expiry) + ka_applet_signal_emit (applet, KA_SIGNAL_RENEWED_TGT, expiry); + } + } else { + if (!expiry_notified) { + ka_gconf_get_bool(applet->priv->gconf, + KA_GCONF_KEY_NOTIFY_EXPIRED, + ¬ify); + if (notify) { + applet->priv->notify_gconf_key = KA_GCONF_KEY_NOTIFY_EXPIRED; + ka_send_event_notification (applet, + _("Network credentials expired"), + _("Your Kerberos credentails have expired."), + "krb-no-valid-ticket", + "dont-show-again"); + } + ka_applet_signal_emit (applet, KA_SIGNAL_EXPIRED_TGT, expiry); + expiry_notified = TRUE; + last_warn = 0; + } + } + + old_expiry = expiry; + gtk_status_icon_set_from_icon_name (applet->priv->tray_icon, tray_icon); + gtk_status_icon_set_tooltip_text (applet->priv->tray_icon, tooltip_text); + g_free(tooltip_text); + return 0; +} + + +static void +ka_applet_menu_add_separator_item (GtkWidget* menu) +{ + GtkWidget* menu_item; + + menu_item = gtk_separator_menu_item_new (); + gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); + gtk_widget_show (menu_item); +} + +static void +ka_applet_cb_preferences (GtkWidget* menuitem G_GNUC_UNUSED, + gpointer user_data G_GNUC_UNUSED) +{ + GError *error = NULL; + + g_spawn_command_line_async (BIN_DIR + G_DIR_SEPARATOR_S + "krb5-auth-dialog-preferences", + &error); + if (error) { + GtkWidget *message_dialog; + + message_dialog = gtk_message_dialog_new (NULL, + GTK_DIALOG_DESTROY_WITH_PARENT, + GTK_MESSAGE_ERROR, + GTK_BUTTONS_CLOSE, + _("There was an error launching the preferences dialog: %s"), + error->message); + gtk_window_set_resizable (GTK_WINDOW (message_dialog), FALSE); + + g_signal_connect (message_dialog, "response", + G_CALLBACK (gtk_widget_destroy), + NULL); + gtk_widget_show (message_dialog); + g_error_free (error); + } +} + + +/* Free all resources and quit */ +static void +ka_applet_cb_quit (GtkMenuItem* menuitem G_GNUC_UNUSED, gpointer user_data) +{ + KaApplet* applet = KA_APPLET(user_data); + + g_object_unref (applet); + gtk_main_quit (); +} + + +static void +ka_about_dialog_url_hook (GtkAboutDialog *about, + const gchar *alink, + gpointer data G_GNUC_UNUSED) +{ + GError *error = NULL; + + gtk_show_uri(gtk_window_get_screen (GTK_WINDOW (about)), + alink, gtk_get_current_event_time(), &error); + + if (error) { + GtkWidget *message_dialog; + + message_dialog = gtk_message_dialog_new (GTK_WINDOW (about), + GTK_DIALOG_DESTROY_WITH_PARENT, + GTK_MESSAGE_ERROR, + GTK_BUTTONS_CLOSE, + _("There was an error displaying %s:\n%s"), + alink, error->message); + gtk_window_set_resizable (GTK_WINDOW (message_dialog), FALSE); + + g_signal_connect (message_dialog, "response", + G_CALLBACK (gtk_widget_destroy), + NULL); + gtk_widget_show (message_dialog); + g_error_free (error); + } +} + + +static void +ka_applet_cb_about_dialog (GtkMenuItem* menuitem G_GNUC_UNUSED, + gpointer user_data G_GNUC_UNUSED) +{ + const gchar* authors[] = { + "Christopher Aillon ", + "Jonathan Blandford ", + "Colin Walters ", + "Guido Günther ", + NULL }; + + gtk_about_dialog_set_url_hook (ka_about_dialog_url_hook, NULL, NULL); + gtk_show_about_dialog (NULL, + "authors", authors, + "version", VERSION, + "logo-icon-name", "krb-valid-ticket", + "copyright", + "Copyright (C) 2004,2005,2006 Red Hat, Inc.,\n" + "2008,2009 Guido Günther", + "website-label", PACKAGE " website", + "website", "https://honk.sigxcpu.org/piki/projects/krb5-auth-dialog/", + "license", "GNU General Public License Version 2", + /* Translators: add the translators of your language here */ + "translator-credits", _("translator-credits"), + NULL); +} + + +static void +ka_applet_cb_show_help (GtkMenuItem* menuitem G_GNUC_UNUSED, + gpointer user_data) +{ + KaApplet *applet = KA_APPLET(user_data); + + ka_show_help (gtk_status_icon_get_screen(applet->priv->tray_icon), NULL, NULL); +} + + +static void +ka_applet_cb_destroy_ccache(GtkMenuItem* menuitem G_GNUC_UNUSED, + gpointer user_data) +{ + KaApplet *applet = KA_APPLET(user_data); + ka_destroy_ccache(applet); +} + +static void +ka_applet_cb_show_tickets(GtkMenuItem* menuitem G_GNUC_UNUSED, + gpointer user_data G_GNUC_UNUSED) +{ + ka_tickets_dialog_run(); +} + + +/* The tray icon's context menu */ +static gboolean +ka_applet_create_context_menu (KaApplet* applet) +{ + GtkWidget* menu; + GtkWidget* menu_item; + GtkWidget* image; + + menu = gtk_menu_new (); + + /* kdestroy */ + menu_item = gtk_image_menu_item_new_with_mnemonic (_("Remove Credentials _Cache")); + g_signal_connect (G_OBJECT (menu_item), "activate", + G_CALLBACK (ka_applet_cb_destroy_ccache), applet); + image = gtk_image_new_from_stock (GTK_STOCK_CANCEL, GTK_ICON_SIZE_MENU); + gtk_image_menu_item_set_image (GTK_IMAGE_MENU_ITEM (menu_item), image); + gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); + + ka_applet_menu_add_separator_item (menu); + + /* Ticket dialog */ + menu_item = gtk_image_menu_item_new_with_mnemonic("_List Tickets"); + g_signal_connect (G_OBJECT (menu_item), "activate", + G_CALLBACK (ka_applet_cb_show_tickets), applet); + gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); + + /* Preferences */ + menu_item = gtk_image_menu_item_new_from_stock(GTK_STOCK_PREFERENCES, NULL); + g_signal_connect (G_OBJECT (menu_item), "activate", + G_CALLBACK (ka_applet_cb_preferences), applet); + gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); + + /* About item */ + menu_item = gtk_image_menu_item_new_from_stock(GTK_STOCK_HELP, NULL); + g_signal_connect (G_OBJECT (menu_item), "activate", + G_CALLBACK (ka_applet_cb_show_help), applet); + gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); + + /* About item */ + menu_item = gtk_image_menu_item_new_from_stock(GTK_STOCK_ABOUT, NULL); + g_signal_connect (G_OBJECT (menu_item), "activate", + G_CALLBACK (ka_applet_cb_about_dialog), applet); + gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); + + ka_applet_menu_add_separator_item (menu); + + /* Quit */ + menu_item = gtk_image_menu_item_new_from_stock(GTK_STOCK_QUIT, NULL); + g_signal_connect (G_OBJECT (menu_item), "activate", + G_CALLBACK (ka_applet_cb_quit), applet); + gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); + + gtk_widget_show_all (menu); + applet->priv->context_menu = menu; + + return TRUE; +} + + +static void +ka_tray_icon_on_menu (GtkStatusIcon* status_icon G_GNUC_UNUSED, + guint button, + guint activate_time, + gpointer user_data) +{ + KaApplet *applet = KA_APPLET(user_data); + + KA_DEBUG("Trayicon right clicked: %d", applet->priv->pw_prompt_secs); + gtk_menu_popup (GTK_MENU (applet->priv->context_menu), NULL, NULL, + gtk_status_icon_position_menu, applet->priv->tray_icon, + button, activate_time); +} + + +static gboolean +ka_tray_icon_on_click (GtkStatusIcon* status_icon G_GNUC_UNUSED, + gpointer data) +{ + KaApplet *applet = KA_APPLET(data); + + KA_DEBUG("Trayicon clicked: %d", applet->priv->pw_prompt_secs); + ka_grab_credentials (applet); + return TRUE; +} + + +static gboolean +ka_applet_cb_show_trayicon (KaApplet* applet, + GParamSpec* property G_GNUC_UNUSED, + gpointer data G_GNUC_UNUSED) +{ + g_return_val_if_fail (applet != NULL, FALSE); + g_return_val_if_fail (applet->priv->tray_icon != NULL, FALSE); + + gtk_status_icon_set_visible (applet->priv->tray_icon, applet->priv->show_trayicon); + return TRUE; +} + + +static gboolean +ka_applet_create_tray_icon (KaApplet* applet) +{ + GtkStatusIcon* tray_icon; + + tray_icon = gtk_status_icon_new (); + + g_signal_connect (G_OBJECT(tray_icon), "activate", + G_CALLBACK(ka_tray_icon_on_click), applet); + g_signal_connect (G_OBJECT(tray_icon), + "popup-menu", + G_CALLBACK(ka_tray_icon_on_menu), applet); + gtk_status_icon_set_from_icon_name (tray_icon, applet->priv->icons[exp_icon]); + gtk_status_icon_set_tooltip_text (tray_icon, PACKAGE); + gtk_status_icon_set_title (tray_icon, KA_NAME); + applet->priv->tray_icon = tray_icon; + return TRUE; +} + +static int +ka_applet_setup_icons (KaApplet* applet) +{ + /* Add application specific icons to search path */ + gtk_icon_theme_append_search_path (gtk_icon_theme_get_default (), + DATA_DIR G_DIR_SEPARATOR_S "icons"); + applet->priv->icons[val_icon] = "krb-valid-ticket"; + applet->priv->icons[exp_icon] = "krb-expiring-ticket"; + applet->priv->icons[inv_icon] = "krb-no-valid-ticket"; + return TRUE; +} + +guint +ka_applet_get_pw_prompt_secs(const KaApplet* applet) +{ + return applet->priv->pw_prompt_secs; +} + +gboolean +ka_applet_get_show_trayicon(const KaApplet* applet) +{ + return applet->priv->show_trayicon; +} + +void +ka_applet_set_tgt_renewable(KaApplet* applet, gboolean renewable) +{ + applet->priv->renewable = renewable; +} + +gboolean +ka_applet_get_tgt_renewable(const KaApplet* applet) +{ + return applet->priv->renewable; +} + +KaPwDialog* +ka_applet_get_pwdialog(const KaApplet* applet) +{ + return applet->priv->pwdialog; +} + +GConfClient* +ka_applet_get_gconf_client(const KaApplet* self) +{ + return self->priv->gconf; +} + +void +ka_applet_signal_emit (KaApplet* this, KaAppletSignalNumber signum, + krb5_timestamp expiry) +{ + KaAppletClass *klass = KA_APPLET_GET_CLASS (this); + char *princ; + + princ = ka_unparse_name (); + if (!princ) + return; + + g_signal_emit (this, klass->signals[signum], 0, princ, (guint32)expiry); + g_free (princ); +} + +/* create the tray icon applet */ +KaApplet* +ka_applet_create() +{ + KaApplet* applet = ka_applet_new(); + GError *error = NULL; + gboolean ret; + + if (!(ka_applet_setup_icons (applet))) + g_error ("Failure to setup icons"); + if (!ka_applet_create_tray_icon (applet)) + g_error ("Failure to create tray icon"); + if (!ka_applet_create_context_menu (applet)) + g_error ("Failure to create context menu"); + gtk_window_set_default_icon_name (applet->priv->icons[val_icon]); + g_signal_connect (applet, "notify::show-trayicon", + G_CALLBACK (ka_applet_cb_show_trayicon), NULL); + + applet->priv->uixml = gtk_builder_new(); + ret = gtk_builder_add_from_file(applet->priv->uixml, + KA_DATA_DIR G_DIR_SEPARATOR_S + PACKAGE ".xml", &error); + if (!ret) { + g_assert (error); + g_assert (error->message); + g_error ("Failed to load UI XML: %s", error->message); + } + applet->priv->pwdialog = ka_pwdialog_create(applet->priv->uixml); + g_return_val_if_fail (applet->priv->pwdialog != NULL, NULL); + + applet->priv->gconf = ka_gconf_init (applet); + g_return_val_if_fail (applet->priv->gconf != NULL, NULL); + + ka_tickets_dialog_create (applet->priv->uixml); + applet->priv->loader = ka_plugin_loader_create (applet); + g_return_val_if_fail (applet->priv->loader != NULL, NULL); + + return applet; +} diff --git a/src/ka-applet.h b/src/ka-applet.h new file mode 100644 index 0000000..e9af644 --- /dev/null +++ b/src/ka-applet.h @@ -0,0 +1,48 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2008 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#ifndef KA_APPLET_H +#define KA_APPLET_H + +#include + +G_BEGIN_DECLS + +#define KA_TYPE_APPLET (ka_applet_get_type ()) +#define KA_APPLET(obj) \ + (G_TYPE_CHECK_INSTANCE_CAST ((obj), KA_TYPE_APPLET, KaApplet)) +#define KA_APPLET_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_CAST ((klass), KA_TYPE_APPLET, KaAppletClass)) +#define KA_IS_APPLET(obj) \ + (G_TYPE_CHECK_INSTANCE_TYPE ((obj), KA_TYPE_APPLET)) +#define KA_IS_APPLET_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_TYPE ((klass), KA_TYPE_APPLET)) +#define KA_APPLET_GET_CLASS(obj) \ + (G_TYPE_INSTANCE_GET_CLASS ((obj), KA_TYPE_APPLET, KaAppletClass)) + +typedef struct _KaApplet KaApplet; +typedef struct _KaAppletClass KaAppletClass; +typedef struct _KaAppletPrivate KaAppletPrivate; + +GType ka_applet_get_type (void); + +G_END_DECLS + +#endif diff --git a/src/ka-closures.c b/src/ka-closures.c new file mode 100644 index 0000000..a3c651b --- /dev/null +++ b/src/ka-closures.c @@ -0,0 +1,105 @@ +/* + * Copyright (C) 2010 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + * This file was generated using glib-genmarshal + */ + +#include +#include "ka-closures.h" + + +#ifdef G_ENABLE_DEBUG +#define g_marshal_value_peek_boolean(v) g_value_get_boolean (v) +#define g_marshal_value_peek_char(v) g_value_get_char (v) +#define g_marshal_value_peek_uchar(v) g_value_get_uchar (v) +#define g_marshal_value_peek_int(v) g_value_get_int (v) +#define g_marshal_value_peek_uint(v) g_value_get_uint (v) +#define g_marshal_value_peek_long(v) g_value_get_long (v) +#define g_marshal_value_peek_ulong(v) g_value_get_ulong (v) +#define g_marshal_value_peek_int64(v) g_value_get_int64 (v) +#define g_marshal_value_peek_uint64(v) g_value_get_uint64 (v) +#define g_marshal_value_peek_enum(v) g_value_get_enum (v) +#define g_marshal_value_peek_flags(v) g_value_get_flags (v) +#define g_marshal_value_peek_float(v) g_value_get_float (v) +#define g_marshal_value_peek_double(v) g_value_get_double (v) +#define g_marshal_value_peek_string(v) (char*) g_value_get_string (v) +#define g_marshal_value_peek_param(v) g_value_get_param (v) +#define g_marshal_value_peek_boxed(v) g_value_get_boxed (v) +#define g_marshal_value_peek_pointer(v) g_value_get_pointer (v) +#define g_marshal_value_peek_object(v) g_value_get_object (v) +#else /* !G_ENABLE_DEBUG */ +/* WARNING: This code accesses GValues directly, which is UNSUPPORTED API. + * Do not access GValues directly in your code. Instead, use the + * g_value_get_*() functions + */ +#define g_marshal_value_peek_boolean(v) (v)->data[0].v_int +#define g_marshal_value_peek_char(v) (v)->data[0].v_int +#define g_marshal_value_peek_uchar(v) (v)->data[0].v_uint +#define g_marshal_value_peek_int(v) (v)->data[0].v_int +#define g_marshal_value_peek_uint(v) (v)->data[0].v_uint +#define g_marshal_value_peek_long(v) (v)->data[0].v_long +#define g_marshal_value_peek_ulong(v) (v)->data[0].v_ulong +#define g_marshal_value_peek_int64(v) (v)->data[0].v_int64 +#define g_marshal_value_peek_uint64(v) (v)->data[0].v_uint64 +#define g_marshal_value_peek_enum(v) (v)->data[0].v_long +#define g_marshal_value_peek_flags(v) (v)->data[0].v_ulong +#define g_marshal_value_peek_float(v) (v)->data[0].v_float +#define g_marshal_value_peek_double(v) (v)->data[0].v_double +#define g_marshal_value_peek_string(v) (v)->data[0].v_pointer +#define g_marshal_value_peek_param(v) (v)->data[0].v_pointer +#define g_marshal_value_peek_boxed(v) (v)->data[0].v_pointer +#define g_marshal_value_peek_pointer(v) (v)->data[0].v_pointer +#define g_marshal_value_peek_object(v) (v)->data[0].v_pointer +#endif /* !G_ENABLE_DEBUG */ + + +/* VOID:STRING,UINT (src/marshaller:1) */ +void +ka_closure_VOID__STRING_UINT (GClosure *closure, + GValue *return_value G_GNUC_UNUSED, + guint n_param_values, + const GValue *param_values, + gpointer invocation_hint G_GNUC_UNUSED, + gpointer marshal_data) +{ + typedef void (*GMarshalFunc_VOID__STRING_UINT) (gpointer data1, + gpointer arg_1, + guint arg_2, + gpointer data2); + register GMarshalFunc_VOID__STRING_UINT callback; + register GCClosure *cc = (GCClosure*) closure; + register gpointer data1, data2; + + g_return_if_fail (n_param_values == 3); + + if (G_CCLOSURE_SWAP_DATA (closure)) + { + data1 = closure->data; + data2 = g_value_peek_pointer (param_values + 0); + } + else + { + data1 = g_value_peek_pointer (param_values + 0); + data2 = closure->data; + } + callback = (GMarshalFunc_VOID__STRING_UINT) (marshal_data ? marshal_data : cc->callback); + + callback (data1, + g_marshal_value_peek_string (param_values + 1), + g_marshal_value_peek_uint (param_values + 2), + data2); +} diff --git a/src/ka-closures.h b/src/ka-closures.h new file mode 100644 index 0000000..37b0a7d --- /dev/null +++ b/src/ka-closures.h @@ -0,0 +1,38 @@ +/* + * Copyright (C) 2010 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + * This file was generated using glib-genmarshal + */ + +#ifndef __ka_closure_MARSHAL_H__ +#define __ka_closure_MARSHAL_H__ + +#include + +G_BEGIN_DECLS + +/* VOID:STRING,UINT (marshaller:1) */ +extern void ka_closure_VOID__STRING_UINT (GClosure *closure, + GValue *return_value, + guint n_param_values, + const GValue *param_values, + gpointer invocation_hint, + gpointer marshal_data); + +G_END_DECLS + +#endif /* __ka_closure_MARSHAL_H__ */ diff --git a/src/ka-dbus.c b/src/ka-dbus.c new file mode 100644 index 0000000..f8a00d6 --- /dev/null +++ b/src/ka-dbus.c @@ -0,0 +1,119 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2008,2009 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#include "config.h" + +#include +#include "ka-applet-priv.h" +#include "ka-dialog.h" +#include "ka-dbus.h" +#include "ka-dbus-glue.h" + +static DBusGConnection *session; + +gboolean +ka_dbus_acquire_tgt (KaApplet *applet, + const gchar *principal, DBusGMethodInvocation *context) +{ + gboolean success; + + KA_DEBUG("Getting TGT for '%s'", principal); + success = ka_check_credentials(applet, principal); + dbus_g_method_return(context, success); + return TRUE; +} + + +gboolean +ka_dbus_destroy_ccache(KaApplet* applet, DBusGMethodInvocation *context) +{ + gboolean success; + + KA_DEBUG("Destroying ticket cache"); + success = ka_destroy_ccache (applet); + dbus_g_method_return(context, success); + return TRUE; +} + + +gboolean +ka_dbus_service(KaApplet* applet) +{ + dbus_g_connection_register_g_object (session, + "/org/gnome/KrbAuthDialog", + G_OBJECT(applet)); + return TRUE; +} + + +gboolean +ka_dbus_connect(unsigned int* status) +{ + guint request_name_reply; + unsigned int flags; + DBusGProxy *bus_proxy; + GError *error = NULL; + + /* Connect to the session bus so we get exit-on-disconnect semantics. */ + session = dbus_g_bus_get(DBUS_BUS_SESSION, &error); + if (session == NULL) { + g_error ("couldn't connect to session bus: %s", (error) ? error->message : "(null)"); + *status = 1; + g_clear_error (&error); + return FALSE; + } + flags = DBUS_NAME_FLAG_DO_NOT_QUEUE; + bus_proxy = dbus_g_proxy_new_for_name (session, + "org.freedesktop.DBus", + "/org/freedesktop/DBus", + "org.freedesktop.DBus"); + + dbus_g_object_type_install_info(KA_TYPE_APPLET, + &dbus_glib_krb5_auth_dialog_object_info); + + if (!dbus_g_proxy_call (bus_proxy, + "RequestName", + &error, + G_TYPE_STRING, + "org.gnome.KrbAuthDialog", + G_TYPE_UINT, + flags, + G_TYPE_INVALID, + G_TYPE_UINT, + &request_name_reply, + G_TYPE_INVALID)) { + g_warning ("Failed to invoke RequestName: %s", + error->message); + } + g_clear_error (&error); + g_object_unref (bus_proxy); + + if (request_name_reply == DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER + || request_name_reply == DBUS_REQUEST_NAME_REPLY_ALREADY_OWNER) + ; + else if (request_name_reply == DBUS_REQUEST_NAME_REPLY_EXISTS + || request_name_reply == DBUS_REQUEST_NAME_REPLY_IN_QUEUE) { + *status = 0; + return FALSE; + } else { + g_assert_not_reached(); + } + return TRUE; +} diff --git a/src/ka-dbus.h b/src/ka-dbus.h new file mode 100644 index 0000000..23828b7 --- /dev/null +++ b/src/ka-dbus.h @@ -0,0 +1,37 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2008 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#ifndef KA_DBUS_H +#define KA_DBUS_H + +#include +#include +#include +#include "ka-applet-priv.h" + +gboolean ka_dbus_connect(unsigned int* status); +gboolean ka_dbus_service(KaApplet* applet); +gboolean ka_dbus_acquire_tgt (KaApplet *applet, + const gchar *principal, + DBusGMethodInvocation *context); +gboolean ka_dbus_destroy_ccache(KaApplet* applet, + DBusGMethodInvocation *context); + +#endif /* KA_DBUS_H */ diff --git a/src/ka-dbus.xml b/src/ka-dbus.xml new file mode 100644 index 0000000..9d6b1a4 --- /dev/null +++ b/src/ka-dbus.xml @@ -0,0 +1,30 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/ka-dialog.c b/src/ka-dialog.c new file mode 100644 index 0000000..f8d0fea --- /dev/null +++ b/src/ka-dialog.c @@ -0,0 +1,1171 @@ +/* + * Copyright (C) 2004,2005,2006 Red Hat, Inc. + * Authored by Christopher Aillon + * + * Copyright (C) 2008,2009,2010 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#include "config.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "gtksecentry.h" +#include "secmem-util.h" +#include "memory.h" + +#include "ka-dialog.h" +#include "ka-applet-priv.h" +#include "ka-pwdialog.h" +#include "ka-dbus.h" +#include "ka-tools.h" +#include "ka-tickets.h" + +#ifdef ENABLE_NETWORK_MANAGER +#include +#endif + +#ifdef HAVE_HX509_ERR_H +# include +#endif + +static krb5_context kcontext; +static krb5_principal kprincipal; +static krb5_timestamp creds_expiry; +static krb5_timestamp canceled_creds_expiry; +static gboolean canceled; +static gboolean invalid_auth; +static gboolean always_run; +static gboolean is_online = TRUE; + +static int grab_credentials (KaApplet* applet); +static int ka_renew_credentials (KaApplet* applet); +static gboolean ka_get_tgt_from_ccache (krb5_context context, krb5_creds *creds); + +#ifdef ENABLE_NETWORK_MANAGER +libnm_glib_ctx *nm_context; +#endif + +/* YAY for different Kerberos implementations */ +static int +get_cred_forwardable(krb5_creds *creds) +{ +#if defined(HAVE_KRB5_CREDS_TICKET_FLAGS) && defined(TKT_FLG_FORWARDABLE) + return creds->ticket_flags & TKT_FLG_FORWARDABLE; +#elif defined(HAVE_KRB5_CREDS_FLAGS_B_FORWARDABLE) + return creds->flags.b.forwardable; +#elif defined(HAVE_KRB5_CREDS_FLAGS) && defined(KDC_OPT_FORWARDABLE) + return creds->flags & KDC_OPT_FORWARDABLE; +#endif +} + +static int +get_cred_renewable(krb5_creds *creds) +{ +#if defined(HAVE_KRB5_CREDS_TICKET_FLAGS) && defined(TKT_FLG_RENEWABLE) + return creds->ticket_flags & TKT_FLG_RENEWABLE; +#elif defined(HAVE_KRB5_CREDS_FLAGS_B_RENEWABLE) + return creds->flags.b.renewable; +#elif defined(HAVE_KRB5_CREDS_FLAGS) && defined(KDC_OPT_RENEWABLE) + return creds->flags & KDC_OPT_RENEWABLE; +#endif +} + +static krb5_error_code +get_renewed_creds(krb5_context context, + krb5_creds *creds, + krb5_principal client, + krb5_ccache ccache, + char *in_tkt_service) +{ +#ifdef HAVE_KRB5_GET_RENEWED_CREDS + return krb5_get_renewed_creds (context, creds, client, ccache, in_tkt_service); +#else + return 1; /* XXX is there something better to return? */ +#endif +} + +static int +get_cred_proxiable(krb5_creds *creds) +{ +#if defined(HAVE_KRB5_CREDS_TICKET_FLAGS) && defined(TKT_FLG_PROXIABLE) + return creds->ticket_flags & TKT_FLG_PROXIABLE; +#elif defined(HAVE_KRB5_CREDS_FLAGS_B_PROXIABLE) + return creds->flags.b.proxiable; +#elif defined(HAVE_KRB5_CREDS_FLAGS) && defined(KDC_OPT_PROXIABLE) + return creds->flags & KDC_OPT_PROXIABLE; +#endif +} + +static size_t +get_principal_realm_length(krb5_principal p) +{ +#if defined(HAVE_KRB5_PRINCIPAL_REALM_AS_STRING) + return strlen(p->realm); +#elif defined(HAVE_KRB5_PRINCIPAL_REALM_AS_DATA) + return p->realm.length; +#endif +} + +static const char * +get_principal_realm_data(krb5_principal p) +{ +#if defined(HAVE_KRB5_PRINCIPAL_REALM_AS_STRING) + return p->realm; +#elif defined(HAVE_KRB5_PRINCIPAL_REALM_AS_DATA) + return p->realm.data; +#endif +} + +static void +ka_krb5_free_error_message(krb5_context context, const char* msg) +{ +#if defined(HAVE_KRB5_FREE_ERROR_MESSAGE) + krb5_free_error_message(context, msg); +#elif defined(HAVE_KRB5_FREE_ERROR_STRING) + krb5_free_error_string(context, (char *) msg); +#else +# error No way to free error string. +#endif +} + +/* + * Returns a descriptive error message or kerberos related error + * returned pointer must be freed using g_free(). + */ +static char* +ka_get_error_message(krb5_context context, krb5_error_code err) +{ + char *msg = NULL; +#if defined(HAVE_KRB5_GET_ERROR_MESSAGE) + const char *krberr; + + krberr = krb5_get_error_message(context, err); + msg = g_strdup(krberr); + ka_krb5_free_error_message(context, krberr); +#else +# error No detailed error message information +#endif + if (msg == NULL) + msg = g_strdup(_("unknown error")); + return msg; +} + + +static void +ka_krb5_cc_clear_mcred(krb5_creds* mcred) +{ +#if defined HAVE_KRB5_CC_CLEAR_MCRED + krb5_cc_clear_mcred(mcred); +#else + memset(mcred, 0, sizeof(krb5_creds)); +#endif +} + + +/* ***************************************************************** */ +/* ***************************************************************** */ + +/* log a kerberos error messge */ +static void +ka_log_error_message(const char* prefix, krb5_context context, krb5_error_code err) +{ + char *errmsg = ka_get_error_message(context, err); + + g_warning("%s: %s", prefix, errmsg); + g_free (errmsg); +} + + +static gboolean +credentials_expiring_real (KaApplet* applet) +{ + krb5_creds my_creds; + krb5_timestamp now; + gboolean retval = FALSE; + + ka_applet_set_tgt_renewable(applet, FALSE); + if (!ka_get_tgt_from_ccache (kcontext, &my_creds)) { + creds_expiry = 0; + retval = TRUE; + goto out; + } + + /* copy principal from cache if any */ + if (krb5_principal_compare (kcontext, my_creds.client, kprincipal)) { + krb5_free_principal(kcontext, kprincipal); + krb5_copy_principal(kcontext, my_creds.client, &kprincipal); + } + creds_expiry = my_creds.times.endtime; + if ((krb5_timeofday(kcontext, &now) == 0) && + (now + ka_applet_get_pw_prompt_secs(applet) > my_creds.times.endtime)) + retval = TRUE; + + /* If our creds are expiring, determine whether they are renewable */ + if (retval && get_cred_renewable(&my_creds) && my_creds.times.renew_till > now) { + ka_applet_set_tgt_renewable(applet, TRUE); + } + + krb5_free_cred_contents (kcontext, &my_creds); +out: + ka_applet_update_status(applet, creds_expiry); + return retval; +} + + +/* time in seconds the tgt will be still valid */ +int +ka_tgt_valid_seconds() +{ + krb5_timestamp now; + + if (krb5_timeofday(kcontext, &now)) + return 0; + + return (creds_expiry - now); +} + + +/* return credential cache filename, strip "FILE:" prefix if necessary */ +static const char* +ka_ccache_filename (void) +{ + const gchar *name; + + name = krb5_cc_default_name (kcontext); + if (g_str_has_prefix (name, "FILE:")) + return strchr(name,':')+1; + else if (g_str_has_prefix (name, "SCC:")) + g_warning ("Cannot monitor sqlite based cache '%s'", name); + else + g_warning ("Unsupported cache type for '%s'", name); + return NULL; +} + + +static void +ka_format_time (time_t t, gchar *ts, size_t len) +{ + g_strlcpy(ts, ctime(&t)+ 4, len); + ts[15] = 0; +} + + +/* fill in service tickets data */ +gboolean +ka_get_service_tickets (GtkListStore *tickets) +{ + krb5_cc_cursor cursor; + krb5_creds creds; + krb5_error_code ret; + GtkTreeIter iter; + krb5_ccache ccache; + char *name; + krb5_timestamp sec; + gchar start_time[128], end_time[128], end_time_markup[256]; + gboolean retval = FALSE; + + gtk_list_store_clear(tickets); + + krb5_timeofday (kcontext, &sec); + ret = krb5_cc_default (kcontext, &ccache); + g_return_val_if_fail (!ret, FALSE); + + ret = krb5_cc_start_seq_get (kcontext, ccache, &cursor); + if (ret) { + ka_log_error_message("krb5_cc_start_seq_get", kcontext, ret); + + /* if the file doesn't exist, it's not an error if we can't + * parse it */ + if (!g_file_test(ka_ccache_filename (), + G_FILE_TEST_EXISTS)) + retval = TRUE; + goto out; + } + + while ((ret = krb5_cc_next_cred (kcontext, + ccache, + &cursor, + &creds)) == 0) { + gboolean renewable, proxiable, forwardable; + + if (creds.times.starttime) + ka_format_time(creds.times.starttime, start_time, + sizeof(start_time)); + else + ka_format_time(creds.times.authtime, start_time, + sizeof(start_time)); + + ka_format_time(creds.times.endtime, end_time, + sizeof(end_time)); + if (creds.times.endtime > sec) + strcpy(end_time_markup, end_time); + else + g_snprintf(end_time_markup, sizeof(end_time_markup), + "%s (%s)", + end_time, _("Expired")); + + forwardable = get_cred_forwardable(&creds); + renewable = get_cred_renewable(&creds); + proxiable = get_cred_proxiable(&creds); + + ret = krb5_unparse_name (kcontext, creds.server, &name); + if (!ret) { + gtk_list_store_append(tickets, &iter); + gtk_list_store_set(tickets, &iter, + PRINCIPAL_COLUMN, name, + START_TIME_COLUMN, start_time, + END_TIME_COLUMN, end_time_markup, + FORWARDABLE_COLUMN, forwardable, + RENEWABLE_COLUMN, renewable, + PROXIABLE_COLUMN, proxiable, + -1); + free(name); + } else + ka_log_error_message("krb5_unparse_name", kcontext, ret); + krb5_free_cred_contents (kcontext, &creds); + } + if(ret != KRB5_CC_END) + ka_log_error_message("krb5_cc_get_next", kcontext, ret); + + ret = krb5_cc_end_seq_get (kcontext, ccache, &cursor); + if (ret) + ka_log_error_message("krb5_cc_end_seq_get", kcontext, ret); + + retval = TRUE; +out: + ret = krb5_cc_close (kcontext, ccache); + g_return_val_if_fail (!ret, FALSE); + + return retval; +} + + +/* Check for things we have to do while the password dialog is open */ +static gboolean +krb5_auth_dialog_do_updates (gpointer data) +{ + KaApplet* applet = KA_APPLET(data); + KaPwDialog* pwdialog = ka_applet_get_pwdialog(applet); + + g_return_val_if_fail (pwdialog != NULL, FALSE); + /* Update creds_expiry and close the applet if we got the creds by other means (e.g. kinit) */ + if (!credentials_expiring_real(applet)) + ka_pwdialog_hide(pwdialog, FALSE); + + /* Update the expiry information in the dialog */ + ka_pwdialog_status_update (pwdialog); + return TRUE; +} + + +static krb5_error_code +auth_dialog_prompter (krb5_context ctx G_GNUC_UNUSED, + void *data, + const char *name G_GNUC_UNUSED, + const char *banner G_GNUC_UNUSED, + int num_prompts, + krb5_prompt prompts[]) +{ + KaApplet *applet = KA_APPLET(data); + KaPwDialog *pwdialog = ka_applet_get_pwdialog(applet); + krb5_error_code errcode; + int i; + + errcode = KRB5KRB_ERR_GENERIC; + canceled = FALSE; + canceled_creds_expiry = 0; + + for (i = 0; i < num_prompts; i++) { + const gchar *password = NULL; + int password_len = 0; + int response; + guint32 source_id; + + errcode = KRB5_LIBOS_CANTREADPWD; + + source_id = g_timeout_add_seconds (5, (GSourceFunc)krb5_auth_dialog_do_updates, applet); + ka_pwdialog_setup (pwdialog, (gchar *) prompts[i].prompt, invalid_auth); + response = ka_pwdialog_run (pwdialog); + switch (response) + { + case GTK_RESPONSE_OK: + password = ka_pwdialog_get_password(pwdialog); + password_len = strlen (password); + break; + case GTK_RESPONSE_DELETE_EVENT: + case GTK_RESPONSE_CANCEL: + canceled = TRUE; + break; + case GTK_RESPONSE_NONE: + break; + default: + g_warning ("Unknown Response: %d", response); + g_assert_not_reached (); + } + g_source_remove (source_id); + + if (!password) + goto cleanup; + if (password_len+1 > prompts[i].reply->length) { + g_warning("Password too long %d/%d", password_len+1, prompts[i].reply->length); + goto cleanup; + } + + memcpy(prompts[i].reply->data, (char *) password, password_len + 1); + prompts[i].reply->length = password_len; + errcode = 0; + } +cleanup: + ka_pwdialog_hide (pwdialog, TRUE); + /* Reset this, so we know the next time we get a TRUE value, it is accurate. */ + invalid_auth = FALSE; + + return errcode; +} + + +#ifdef ENABLE_NETWORK_MANAGER +static void +network_state_cb (libnm_glib_ctx *context, + gpointer data) +{ + gboolean *online = (gboolean*) data; + + libnm_glib_state state; + + state = libnm_glib_get_network_state (context); + + switch (state) + { + case LIBNM_NO_DBUS: + case LIBNM_NO_NETWORKMANAGER: + case LIBNM_INVALID_CONTEXT: + /* do nothing */ + break; + case LIBNM_NO_NETWORK_CONNECTION: + *online = FALSE; + break; + case LIBNM_ACTIVE_NETWORK_CONNECTION: + *online = TRUE; + break; + } +} +#endif + +/* credentials expiring timer */ +static gboolean +credentials_expiring (gpointer *data) +{ + int retval; + gboolean give_up; + KaApplet* applet = KA_APPLET(data); + + KA_DEBUG("Checking expiry <%ds", ka_applet_get_pw_prompt_secs(applet)); + if (credentials_expiring_real (applet) && is_online) { + KA_DEBUG("Expiry @ %ld", creds_expiry); + + if (!ka_renew_credentials (applet)) { + KA_DEBUG("Credentials renewed"); + goto out; + } + + /* no popup when using a trayicon */ + if (ka_applet_get_show_trayicon(applet)) + goto out; + + give_up = canceled && (creds_expiry == canceled_creds_expiry); + if (!give_up) { + do { + retval = grab_credentials (applet); + give_up = canceled && + (creds_expiry == canceled_creds_expiry); + } while ((retval != 0) && + (retval != KRB5_REALM_CANT_RESOLVE) && + (retval != KRB5_KDC_UNREACH) && + invalid_auth && + !give_up); + } + } +out: + ka_applet_update_status(applet, creds_expiry); + return TRUE; +} + + +/* + * set ticket options by looking at krb5.conf and gconf + */ +static void +ka_set_ticket_options(KaApplet* applet, krb5_context context, + krb5_get_init_creds_opt *out, + const char* pk_userid G_GNUC_UNUSED, + const char* pk_anchors G_GNUC_UNUSED) +{ + gboolean flag; +#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_DEFAULT_FLAGS + krb5_get_init_creds_opt_set_default_flags(context, PACKAGE, + krb5_principal_get_realm(context, kprincipal), out); +#endif + g_object_get(applet, "tgt-forwardable", &flag, NULL); + if (flag) + krb5_get_init_creds_opt_set_forwardable(out, flag); + g_object_get(applet, "tgt-proxiable", &flag, NULL); + if (flag) + krb5_get_init_creds_opt_set_proxiable(out, flag); + g_object_get(applet, "tgt-renewable", &flag, NULL); + if (flag) { + krb5_deltat r = 3600*24*30; /* 1 month */ + krb5_get_init_creds_opt_set_renew_life (out, r); + } + +#if ENABLE_PKINIT && HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PA + /* pkinit optins for MIT Kerberos */ + if (pk_userid && strlen(pk_userid)) { + KA_DEBUG("pkinit with '%s'", pk_userid); + krb5_get_init_creds_opt_set_pa(context, out, + "X509_user_identity", pk_userid); + if (pk_anchors && strlen(pk_anchors)) { + KA_DEBUG("pkinit anchors '%s'", pk_anchors); + krb5_get_init_creds_opt_set_pa(context, out, + "X509_anchors", pk_anchors); + } + } +#endif /* HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PA */ +} + + +/* + * set ticket options + * by looking at krb5.conf, the passed in creds and gconf + */ +static void +set_options_from_creds(const KaApplet* applet, + krb5_context context, + krb5_creds *in, + krb5_get_init_creds_opt *out) +{ + krb5_deltat renew_lifetime; + int flag; + +#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_DEFAULT_FLAGS + krb5_get_init_creds_opt_set_default_flags(context, PACKAGE, + krb5_principal_get_realm(context, kprincipal), out); +#endif + + flag = get_cred_forwardable(in) != 0; + krb5_get_init_creds_opt_set_forwardable(out, flag); + flag = get_cred_proxiable(in) != 0; + krb5_get_init_creds_opt_set_proxiable(out, flag); + flag = get_cred_renewable(in) != 0; + if (flag && (in->times.renew_till > in->times.starttime)) { + renew_lifetime = in->times.renew_till - + in->times.starttime; + krb5_get_init_creds_opt_set_renew_life(out, + renew_lifetime); + } + if (in->times.endtime > + in->times.starttime + ka_applet_get_pw_prompt_secs(applet)) { + krb5_get_init_creds_opt_set_tkt_life(out, + in->times.endtime - + in->times.starttime); + } + /* This doesn't do a deep copy -- fix it later. */ + /* krb5_get_init_creds_opt_set_address_list(out, creds->addresses); */ +} + + +#if ENABLE_PKINIT && HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PKINIT +static krb5_error_code +ka_auth_heimdal_pkinit(KaApplet* applet, krb5_creds* creds, + const char* pk_userid, const char* pk_anchors) +{ + krb5_get_init_creds_opt *opts = NULL; + krb5_error_code retval; + const char* pkinit_anchors = NULL; + + KA_DEBUG("pkinit with '%s'", pk_userid); + if (pk_anchors && strlen (pk_anchors)) { + pkinit_anchors = pk_anchors; + KA_DEBUG("pkinit anchors '%s'", pkinit_anchors); + } + + if ((retval = krb5_get_init_creds_opt_alloc (kcontext, &opts))) + goto out; + + ka_set_ticket_options (applet, kcontext, opts, NULL, NULL); + retval = krb5_get_init_creds_opt_set_pkinit(kcontext, opts, + kprincipal, + pk_userid, + pkinit_anchors, + NULL, + NULL, + 0, /* pk_use_enc_key */ + auth_dialog_prompter, + applet, /* data */ + NULL); /* passwd */ + KA_DEBUG("pkinit returned with %d", retval); + if (retval) + goto out; + + retval = krb5_get_init_creds_password(kcontext, creds, kprincipal, + NULL, auth_dialog_prompter, applet, + 0, NULL, opts); +out: + if (opts) + krb5_get_init_creds_opt_free(kcontext, opts); + return retval; +} +#endif /* ! ENABLE_PKINIT */ + +static krb5_error_code +ka_auth_password(KaApplet* applet, krb5_creds* creds, + const char* pk_userid, const char* pk_anchors) +{ + krb5_error_code retval; + krb5_get_init_creds_opt *opts = NULL; + + if ((retval = krb5_get_init_creds_opt_alloc (kcontext, &opts))) + goto out; + ka_set_ticket_options (applet, kcontext, opts, + pk_userid, pk_anchors); + + retval = krb5_get_init_creds_password(kcontext, creds, kprincipal, + NULL, auth_dialog_prompter, applet, + 0, NULL, opts); +out: + if (opts) + krb5_get_init_creds_opt_free(kcontext, opts); + return retval; +} + +static krb5_error_code +ka_parse_name(KaApplet* applet, krb5_context krbcontext, krb5_principal* kprinc) +{ + krb5_error_code ret; + gchar *principal = NULL; + + if (*kprinc != NULL) + krb5_free_principal(krbcontext, *kprinc); + + g_object_get(applet, "principal", &principal, NULL); + ret = krb5_parse_name(krbcontext, principal, kprinc); + + g_free(principal); + return ret; +} + + +/* + * return current principal in text form + * + * caller needs to free the returned result using g_free(); + */ +char* +ka_unparse_name () +{ + char *princ, *gprinc = NULL; + krb5_error_code err; + + if (!kprincipal) + goto out; + + if ((err = krb5_unparse_name (kcontext, kprincipal, &princ))) { + ka_log_error_message(__func__, kcontext, err); + goto out; + } + + gprinc = g_strdup (princ); + free (princ); +out: + return gprinc; +} + + +static void +ccache_changed_cb (GFileMonitor *monitor G_GNUC_UNUSED, + GFile *file, + GFile *other_file G_GNUC_UNUSED, + GFileMonitorEvent event_type, + gpointer data) +{ + KaApplet *applet = KA_APPLET(data); + gchar *ccache_name = g_file_get_path(file); + + switch (event_type) { + case G_FILE_MONITOR_EVENT_DELETED: + case G_FILE_MONITOR_EVENT_CREATED: + case G_FILE_MONITOR_EVENT_CHANGED: + KA_DEBUG ("%s changed", ccache_name); + credentials_expiring ((gpointer)applet); + break; + default: + KA_DEBUG ("%s unhandled event: %d", ccache_name, event_type); + } + g_free (ccache_name); +} + + +static gboolean +monitor_ccache(KaApplet *applet) +{ + const gchar *ccache_name; + GFile *ccache; + GFileMonitor *monitor; + GError *err = NULL; + gboolean ret = FALSE; + + ccache_name = ka_ccache_filename (); + g_return_val_if_fail (ccache_name != NULL, FALSE); + + ccache = g_file_new_for_path (ccache_name); + monitor = g_file_monitor_file (ccache, G_FILE_MONITOR_NONE, NULL, &err); + g_assert ((!monitor && err) || (monitor && !err)); + if (!monitor) { + /* cache disappeared? */ + if (err->code == G_FILE_ERROR_NOENT) + credentials_expiring ((gpointer)applet); + else + g_warning ("Failed to monitor %s: %s", ccache_name, err->message); + goto out; + } else { + /* g_file_monitor_set_rate_limit(monitor, 10*1000); */ + g_signal_connect (monitor, "changed", G_CALLBACK (ccache_changed_cb), applet); + KA_DEBUG ("Monitoring %s", ccache_name); + ret = TRUE; + } +out: + g_object_unref (ccache); + if (err) + g_error_free (err); + return ret; +} + + +/* grab credentials interactively */ +static int +grab_credentials (KaApplet* applet) +{ + krb5_error_code retval = KRB5_KDC_UNREACH; + krb5_creds my_creds; + krb5_ccache ccache; + gchar *pk_userid = NULL; + gchar *pk_anchors = NULL; + gchar *errmsg = NULL; + gboolean pw_auth = TRUE; + + memset(&my_creds, 0, sizeof(my_creds)); + + retval = ka_parse_name(applet, kcontext, &kprincipal); + if (retval) + goto out2; + + retval = krb5_cc_default (kcontext, &ccache); + if (retval) + goto out2; + + g_object_get(applet, "pk-userid", &pk_userid, + "pk-anchors", &pk_anchors, + NULL); +#if ENABLE_PKINIT && HAVE_HX509_ERR_H && HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PKINIT + /* pk_userid set: try pkinit */ + if (pk_userid && strlen(pk_userid)) { + retval = ka_auth_heimdal_pkinit(applet, &my_creds, + pk_userid, pk_anchors); + /* other error than: "no token found" - no need to try password auth: */ + if (retval != HX509_PKCS11_NO_TOKEN && retval != HX509_PKCS11_NO_SLOT) + pw_auth = FALSE; + } +#endif /* ENABLE_PKINIT */ + if (pw_auth) + retval = ka_auth_password(applet, &my_creds, + pk_userid, pk_anchors); + + creds_expiry = my_creds.times.endtime; + if (canceled) + canceled_creds_expiry = creds_expiry; + if (retval) { + switch (retval) { + case KRB5KDC_ERR_PREAUTH_FAILED: + case KRB5KRB_AP_ERR_BAD_INTEGRITY: +#ifdef HAVE_HX509_ERR_H + case HX509_PKCS11_LOGIN: +#endif /* Invalid password/pin, try again. */ + invalid_auth = TRUE; + break; + default: + errmsg = ka_get_error_message(kcontext, retval); + KA_DEBUG("Auth failed with %d: %s", retval, + errmsg); + g_free(errmsg); + break; + } + goto out; + } + retval = krb5_cc_initialize(kcontext, ccache, kprincipal); + if (retval) + goto out; + + retval = krb5_cc_store_cred(kcontext, ccache, &my_creds); + if (retval) + goto out; +out: + krb5_free_cred_contents (kcontext, &my_creds); + krb5_cc_close (kcontext, ccache); +out2: + g_free(pk_userid); + return retval; +} + +/* try to renew the credentials noninteractively */ +static int +ka_renew_credentials (KaApplet* applet) +{ + krb5_error_code retval; + krb5_creds my_creds; + krb5_ccache ccache; + krb5_get_init_creds_opt opts; + + if (kprincipal == NULL) { + retval = ka_parse_name(applet, kcontext, &kprincipal); + if (retval) + return retval; + } + + retval = krb5_cc_default (kcontext, &ccache); + if (retval) + return retval; + + retval = ka_get_tgt_from_ccache (kcontext, &my_creds); + if (!retval) { + krb5_cc_close (kcontext, ccache); + return -1; + } + + krb5_get_init_creds_opt_init (&opts); + set_options_from_creds (applet, kcontext, &my_creds, &opts); + + if (ka_applet_get_tgt_renewable(applet)) { + + retval = get_renewed_creds (kcontext, &my_creds, kprincipal, ccache, NULL); + if (retval) + goto out; + + retval = krb5_cc_initialize(kcontext, ccache, kprincipal); + if(retval) { + ka_log_error_message("krb5_cc_initialize", kcontext, retval); + goto out; + } + retval = krb5_cc_store_cred(kcontext, ccache, &my_creds); + if (retval) { + ka_log_error_message("krb5_cc_store_cred", kcontext, retval); + goto out; + } + ka_applet_signal_emit (applet, KA_SIGNAL_RENEWED_TGT, + my_creds.times.endtime); + } +out: + creds_expiry = my_creds.times.endtime; + krb5_free_cred_contents (kcontext, &my_creds); + krb5_cc_close (kcontext, ccache); + return retval; +} + + +/* get principal associated with the default credentials cache - if found store + * it in *creds, return FALSE otwerwise */ +static gboolean +ka_get_tgt_from_ccache (krb5_context context, krb5_creds *creds) +{ + krb5_ccache ccache; + krb5_creds pattern; + krb5_principal principal; + gboolean ret = FALSE; + + ka_krb5_cc_clear_mcred(&pattern); + + if (krb5_cc_default(context, &ccache)) + return FALSE; + + if (krb5_cc_get_principal(context, ccache, &principal)) + goto out; + + if (krb5_build_principal_ext(context, &pattern.server, + get_principal_realm_length(principal), + get_principal_realm_data(principal), + KRB5_TGS_NAME_SIZE, + KRB5_TGS_NAME, + get_principal_realm_length(principal), + get_principal_realm_data(principal), 0)) { + goto out_free_princ; + } + + pattern.client = principal; + if (!krb5_cc_retrieve_cred(context, ccache, 0, &pattern, creds)) + ret = TRUE; + krb5_free_principal(context, pattern.server); + +out_free_princ: + krb5_free_principal(context, principal); +out: + krb5_cc_close(context, ccache); + return ret; +} + +static gboolean +using_krb5(void) +{ + krb5_error_code err; + gboolean have_tgt = FALSE; + krb5_creds creds; + + err = krb5_init_context(&kcontext); + if (err) + return FALSE; + + have_tgt = ka_get_tgt_from_ccache(kcontext, &creds); + if (have_tgt) { + krb5_copy_principal(kcontext, creds.client, &kprincipal); + krb5_free_cred_contents (kcontext, &creds); + } + return have_tgt; +} + + +gboolean +ka_destroy_ccache (KaApplet *applet) +{ + krb5_ccache ccache; + const char* cache; + krb5_error_code ret; + + cache = krb5_cc_default_name(kcontext); + ret = krb5_cc_resolve(kcontext, cache, &ccache); + ret = krb5_cc_destroy (kcontext, ccache); + + credentials_expiring_real(applet); + + if (ret) + return FALSE; + else + return TRUE; +} + + +/* + * check if we have valid credentials for the requested principal - if not, grab them + * principal: requested principal - if empty use default + */ +gboolean +ka_check_credentials (KaApplet *applet, const char* newprincipal) +{ + gboolean success = FALSE; + int retval; + char* principal; + + g_object_get(applet, "principal", &principal, NULL); + + if (strlen(newprincipal)) { + krb5_principal knewprinc; + + /* no ticket cache: is requested princ the one from our config? */ + if (!kprincipal && g_strcmp0(principal, newprincipal)) { + KA_DEBUG("Requested principal %s not %s", principal, newprincipal); + goto out; + } + + /* ticket cache: check if the requested principal is the one we have */ + retval = krb5_parse_name(kcontext, newprincipal, &knewprinc); + if (retval) { + g_warning ("Cannot parse principal '%s'", newprincipal); + goto out; + } + if (kprincipal && !krb5_principal_compare (kcontext, kprincipal, knewprinc)) { + KA_DEBUG("Current Principal '%s' not '%s'", principal, newprincipal); + krb5_free_principal(kcontext, knewprinc); + goto out; + } + krb5_free_principal(kcontext, knewprinc); + } + + if (credentials_expiring_real (applet)) { + if (!is_online) + success = FALSE; + else + success = ka_grab_credentials (applet); + } else + success = TRUE; +out: + g_free (principal); + return success; +} + + +/* initiate grabbing of credentials (e.g. on leftclick of tray icon) */ +gboolean +ka_grab_credentials (KaApplet* applet) +{ + int retval; + int success = FALSE; + KaPwDialog *pwdialog = ka_applet_get_pwdialog(applet); + + ka_pwdialog_set_persist(pwdialog, TRUE); + do { + retval = grab_credentials (applet); + if (invalid_auth) + continue; + if (canceled) + break; + if (retval) { + gchar *errmsg; + + errmsg = ka_get_error_message(kcontext, retval); + ka_pwdialog_error(pwdialog, errmsg); + g_free (errmsg); + break; + } else { + success = TRUE; + break; + } + } while(TRUE); + + ka_pwdialog_set_persist(pwdialog, FALSE); + credentials_expiring_real(applet); + + return success; +} + + +static void +ka_secmem_init (void) +{ + /* Initialize secure memory. 1 is too small, so the default size + will be used. */ + secmem_init (1); + secmem_set_flags (SECMEM_WARN); + drop_privs (); + + if (atexit (secmem_term)) + g_error("Couln't register atexit handler"); +} + + +static void +ka_nm_shutdown(void) +{ +#ifdef ENABLE_NETWORK_MANAGER + if (nm_context) { + libnm_glib_shutdown (nm_context); + nm_context = NULL; + } +#endif +} + + +static gboolean +ka_nm_init(void) +{ +#ifdef ENABLE_NETWORK_MANAGER + guint32 nm_callback_id; + + nm_context = libnm_glib_init (); + if (!nm_context) { + g_warning ("Could not initialize libnm_glib"); + } else { + nm_callback_id = libnm_glib_register_callback (nm_context, network_state_cb, &is_online, NULL); + if (nm_callback_id == 0) { + ka_nm_shutdown (); + + g_warning ("Could not connect to NetworkManager, connection status will not be managed!"); + } + } +#endif /* ENABLE_NETWORK_MANAGER */ + return TRUE; +} + + +int +main (int argc, char *argv[]) +{ + KaApplet *applet; + GOptionContext *context; + GError *error = NULL; + + guint status = 0; + gboolean run_auto = FALSE, run_always = FALSE; + + const char *help_msg = "Run '" PACKAGE " --help' to see a full list of available command line options"; + const GOptionEntry options [] = { + {"auto", 'a', 0, G_OPTION_ARG_NONE, &run_auto, + "Only run if an initialized ccache is found (default)", NULL}, + {"always", 'A', 0, G_OPTION_ARG_NONE, &run_always, + "Always run", NULL}, + { NULL, 0, 0, G_OPTION_ARG_NONE, NULL, NULL, NULL } + }; + + context = g_option_context_new ("- Kerberos 5 credential checking"); + g_option_context_add_main_entries (context, options, NULL); + g_option_context_add_group (context, gtk_get_option_group (TRUE)); + g_option_context_parse (context, &argc, &argv, &error); + + if (error) { + g_print ("%s\n%s\n", + error->message, + help_msg); + g_error_free (error); + return 1; + } + g_option_context_free (context); + + textdomain (PACKAGE); + bind_textdomain_codeset (PACKAGE, "UTF-8"); + bindtextdomain (PACKAGE, LOCALE_DIR); + ka_secmem_init(); + + if (!ka_dbus_connect (&status)) + exit(status); + + if (run_always && !run_auto) { + always_run = TRUE; + } + + if (using_krb5 () || always_run) { + g_set_application_name (KA_NAME); + + applet = ka_applet_create (); + if (!applet) + return 1; + ka_nm_init(); + + if (credentials_expiring ((gpointer)applet)) { + g_timeout_add_seconds (CREDENTIAL_CHECK_INTERVAL, (GSourceFunc)credentials_expiring, applet); + monitor_ccache (applet); + } + ka_dbus_service(applet); + gtk_main (); + } + ka_nm_shutdown(); + return 0; +} diff --git a/src/ka-dialog.h b/src/ka-dialog.h new file mode 100644 index 0000000..c62acb3 --- /dev/null +++ b/src/ka-dialog.h @@ -0,0 +1,32 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2008 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#ifndef KA_DIALOG +#define KA_DIALOG + +#include "ka-applet-priv.h" + +gboolean ka_destroy_ccache (KaApplet* applet); +gboolean ka_grab_credentials(KaApplet* applet); +gboolean ka_check_credentials (KaApplet *applet, const char* principal); +gboolean ka_get_service_tickets(GtkListStore *tickets); +char* ka_unparse_name(void); +int ka_tgt_valid_seconds(void); +#endif diff --git a/src/ka-gconf-tools.c b/src/ka-gconf-tools.c new file mode 100644 index 0000000..60fd567 --- /dev/null +++ b/src/ka-gconf-tools.c @@ -0,0 +1,149 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2008,2009 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ +#include "config.h" + +#include +#include + +gboolean +ka_gconf_get_string (GConfClient* client, + const char* key, + char** value) +{ + GError* error = NULL; + gboolean success = FALSE; + GConfValue* gc_value; + + g_return_val_if_fail (client != NULL, FALSE); + g_return_val_if_fail (key != NULL, FALSE); + g_return_val_if_fail (*value == NULL, FALSE); + + if ((gc_value = gconf_client_get (client, key, &error))) { + if (gc_value->type == GCONF_VALUE_STRING) { + *value = g_strdup (gconf_value_get_string (gc_value)); + success = TRUE; + } else if (error) { + g_print ("%s", error->message); + g_error_free (error); + } + gconf_value_free (gc_value); + } + return success; +} + + +gboolean +ka_gconf_get_string_list (GConfClient* client, + const char* key, + GSList** list) +{ + GError* error = NULL; + gboolean success = FALSE; + + g_return_val_if_fail (client != NULL, FALSE); + g_return_val_if_fail (key != NULL, FALSE); + g_return_val_if_fail (*list == NULL, FALSE); + + if ((*list = gconf_client_get_list (client, key, + GCONF_VALUE_STRING, &error))) { + if (error) { + g_print ("%s", error->message); + g_error_free (error); + } else + success = TRUE; + } + return success; +} + + +gboolean +ka_gconf_get_int (GConfClient* client, + const char* key, + int* value) +{ + GError* error = NULL; + gboolean success = FALSE; + GConfValue* gc_value; + + g_return_val_if_fail (client != NULL, FALSE); + g_return_val_if_fail (key != NULL, FALSE); + g_return_val_if_fail (value != NULL, FALSE); + + if ((gc_value = gconf_client_get (client, key, &error))) + { + if (gc_value->type == GCONF_VALUE_INT) { + *value = gconf_value_get_int (gc_value); + success = TRUE; + } else if (error) { + g_print ("%s", error->message); + g_error_free (error); + } + gconf_value_free (gc_value); + } + return success; +} + + +gboolean +ka_gconf_get_bool (GConfClient* client, + const char* key, + gboolean* value) +{ + GError* error = NULL; + gboolean success = FALSE; + GConfValue* gc_value; + + g_return_val_if_fail (client != NULL, FALSE); + g_return_val_if_fail (key != NULL, FALSE); + g_return_val_if_fail (value != NULL, FALSE); + + if ((gc_value = gconf_client_get (client, key, &error))) { + if (gc_value->type == GCONF_VALUE_BOOL) { + *value = gconf_value_get_bool (gc_value); + success = TRUE; + } else if (error) { + g_print ("%s", error->message); + g_error_free (error); + } + gconf_value_free (gc_value); + } + return success; +} + + +gboolean +ka_gconf_set_bool (GConfClient* client, + const char* key, + gboolean value) +{ + GError* error = NULL; + + g_return_val_if_fail (client != NULL, FALSE); + g_return_val_if_fail (key != NULL, FALSE); + + if(!gconf_client_set_bool (client, key, value, &error)) { + if (error) { + g_print ("%s", error->message); + g_error_free (error); + } + return FALSE; + } + return TRUE; +} diff --git a/src/ka-gconf-tools.h b/src/ka-gconf-tools.h new file mode 100644 index 0000000..1d8151d --- /dev/null +++ b/src/ka-gconf-tools.h @@ -0,0 +1,48 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2008,2009 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#ifndef KA_GCONF_TOOLS_H +#define KA_GCONF_TOOLS_H + +#include "config.h" + +#include + +#define KA_GCONF_PATH "/apps/" PACKAGE +#define KA_GCONF_KEY_PRINCIPAL KA_GCONF_PATH "/principal" +#define KA_GCONF_KEY_PK_USERID KA_GCONF_PATH "/pk_userid" +#define KA_GCONF_KEY_PK_ANCHORS KA_GCONF_PATH "/pk_anchors" +#define KA_GCONF_KEY_PROMPT_MINS KA_GCONF_PATH "/prompt_minutes" +#define KA_GCONF_KEY_SHOW_TRAYICON KA_GCONF_PATH "/show_trayicon" +#define KA_GCONF_KEY_FORWARDABLE KA_GCONF_PATH "/forwardable" +#define KA_GCONF_KEY_RENEWABLE KA_GCONF_PATH "/renewable" +#define KA_GCONF_KEY_PROXIABLE KA_GCONF_PATH "/proxiable" +#define KA_GCONF_KEY_NOTIFY_VALID KA_GCONF_PATH "/notify/valid" +#define KA_GCONF_KEY_NOTIFY_EXPIRED KA_GCONF_PATH "/notify/expired" +#define KA_GCONF_KEY_NOTIFY_EXPIRING KA_GCONF_PATH "/notify/expiring" +#define KA_GCONF_KEY_PLUGINS_ENABLED KA_GCONF_PATH "/plugins/enabled" + +gboolean ka_gconf_get_string (GConfClient* client, const char* key, char** value); +gboolean ka_gconf_get_string_list (GConfClient* client, const char* key, GSList** list); +gboolean ka_gconf_get_int (GConfClient* client, const char* key, int* value); +gboolean ka_gconf_get_bool (GConfClient* client, const char* key, gboolean* value); +gboolean ka_gconf_set_bool (GConfClient* client, const char* key, gboolean value); + +#endif diff --git a/src/ka-gconf.c b/src/ka-gconf.c new file mode 100644 index 0000000..10ef703 --- /dev/null +++ b/src/ka-gconf.c @@ -0,0 +1,211 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2008,2009 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ +#include "config.h" + +#include +#include + +#include "ka-applet-priv.h" +#include "ka-gconf-tools.h" +#include "ka-gconf.h" + +static gboolean +ka_gconf_set_principal (GConfClient* client, KaApplet* applet) +{ + gchar* principal = NULL; + + if(!ka_gconf_get_string (client, KA_GCONF_KEY_PRINCIPAL, &principal) + || !strlen(principal)) { + g_free (principal); + principal = g_strdup (g_get_user_name()); + } + g_object_set(applet, "principal", principal, NULL); + g_free (principal); + return TRUE; +} + + +static gboolean +ka_gconf_set_pk_userid (GConfClient* client, KaApplet* applet) +{ + gchar* pk_userid = NULL; + + if(!ka_gconf_get_string (client, KA_GCONF_KEY_PK_USERID, &pk_userid)) { + pk_userid = g_strdup (""); + } + g_object_set(applet, "pk_userid", pk_userid, NULL); + g_free (pk_userid); + return TRUE; +} + + +static gboolean +ka_gconf_set_pk_anchors (GConfClient* client, KaApplet* applet) +{ + gchar* pk_anchors = NULL; + + if(!ka_gconf_get_string (client, KA_GCONF_KEY_PK_ANCHORS, &pk_anchors)) { + pk_anchors = g_strdup (""); + } + g_object_set(applet, "pk_anchors", pk_anchors, NULL); + g_free (pk_anchors); + return TRUE; +} + + +static gboolean +ka_gconf_set_prompt_mins (GConfClient* client, KaApplet* applet) +{ + gint prompt_mins = 0; + + if(!ka_gconf_get_int (client, KA_GCONF_KEY_PROMPT_MINS, &prompt_mins)) { + prompt_mins = MINUTES_BEFORE_PROMPTING; + } + g_object_set(applet, "pw-prompt-mins", prompt_mins, NULL); + return TRUE; +} + + +static gboolean +ka_gconf_set_show_trayicon (GConfClient* client, KaApplet* applet) +{ + gboolean show_trayicon = TRUE; + + if(!ka_gconf_get_bool(client, KA_GCONF_KEY_SHOW_TRAYICON, &show_trayicon)) { + show_trayicon = TRUE; + } + g_object_set(applet, "show-trayicon", show_trayicon, NULL); + return TRUE; +} + + +static gboolean +ka_gconf_set_tgt_forwardable (GConfClient* client, KaApplet* applet) +{ + gboolean forwardable = FALSE; + + if(!ka_gconf_get_bool(client, KA_GCONF_KEY_FORWARDABLE, &forwardable)) { + forwardable = FALSE; + } + g_object_set(applet, "tgt-forwardable", forwardable, NULL); + return TRUE; +} + + +static gboolean +ka_gconf_set_tgt_renewable (GConfClient* client, KaApplet* applet) +{ + gboolean renewable = FALSE; + + if(!ka_gconf_get_bool(client, KA_GCONF_KEY_RENEWABLE, &renewable)) { + renewable = FALSE; + } + g_object_set(applet, "tgt-renewable", renewable, NULL); + return TRUE; +} + + +static gboolean +ka_gconf_set_tgt_proxiable (GConfClient* client, KaApplet* applet) +{ + gboolean proxiable = FALSE; + + if(!ka_gconf_get_bool(client, KA_GCONF_KEY_PROXIABLE, &proxiable)) { + proxiable = FALSE; + } + g_object_set(applet, "tgt-proxiable", proxiable, NULL); + return TRUE; +} + + +static void +ka_gconf_key_changed_callback (GConfClient* client, + guint cnxn_id G_GNUC_UNUSED, + GConfEntry* entry, + gpointer user_data) +{ + const char* key; + + KaApplet* applet = KA_APPLET(user_data); + key = gconf_entry_get_key (entry); + if (!key) + return; + KA_DEBUG("Key %s changed", key); + + if (g_strcmp0 (key, KA_GCONF_KEY_PRINCIPAL) == 0) { + ka_gconf_set_principal (client, applet); + } else if (g_strcmp0 (key, KA_GCONF_KEY_PROMPT_MINS) == 0) { + ka_gconf_set_prompt_mins (client, applet); + } else if (g_strcmp0 (key, KA_GCONF_KEY_SHOW_TRAYICON) == 0) { + ka_gconf_set_show_trayicon (client, applet); + } else if (g_strcmp0 (key, KA_GCONF_KEY_PK_USERID) == 0) { + ka_gconf_set_pk_userid (client, applet); + } else if (g_strcmp0 (key, KA_GCONF_KEY_PK_ANCHORS) == 0) { + ka_gconf_set_pk_anchors(client, applet); + } else if (g_strcmp0 (key, KA_GCONF_KEY_FORWARDABLE) == 0) { + ka_gconf_set_tgt_forwardable (client, applet); + } else if (g_strcmp0 (key, KA_GCONF_KEY_RENEWABLE) == 0) { + ka_gconf_set_tgt_renewable (client, applet); + } else if (g_strcmp0 (key, KA_GCONF_KEY_PROXIABLE) == 0) { + ka_gconf_set_tgt_proxiable (client, applet); + } else if (g_strcmp0 (key, KA_GCONF_KEY_NOTIFY_VALID) + || g_strcmp0 (key, KA_GCONF_KEY_NOTIFY_EXPIRING) + || g_strcmp0 (key, KA_GCONF_KEY_NOTIFY_EXPIRED) + || g_strcmp0 (key, KA_GCONF_KEY_PLUGINS_ENABLED)) { + /* nothing to do */ + } else + g_warning("Received notification for unknown gconf key %s", key); + return; +} + + +GConfClient* +ka_gconf_init (KaApplet* applet) +{ + GError *error = NULL; + GConfClient *client; + + client = gconf_client_get_default (); + gconf_client_add_dir (client, KA_GCONF_PATH, GCONF_CLIENT_PRELOAD_ONELEVEL, &error); + if (error) + goto out; + + gconf_client_notify_add (client, KA_GCONF_PATH, + ka_gconf_key_changed_callback, applet, NULL, &error); + if (error) + goto out; + + /* setup defaults */ + ka_gconf_set_principal (client, applet); + ka_gconf_set_prompt_mins (client, applet); + ka_gconf_set_show_trayicon (client, applet); + ka_gconf_set_pk_userid(client, applet); + ka_gconf_set_pk_anchors(client, applet); + ka_gconf_set_tgt_forwardable(client, applet); + ka_gconf_set_tgt_renewable(client, applet); + ka_gconf_set_tgt_proxiable(client, applet); +out: + if(error) { + client = NULL; + g_print ("%s", error->message); + g_error_free (error); + } + return client; +} diff --git a/src/ka-gconf.h b/src/ka-gconf.h new file mode 100644 index 0000000..a6b3872 --- /dev/null +++ b/src/ka-gconf.h @@ -0,0 +1,29 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2008 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#ifndef KA_GCONF_H +#define KA_GCONF_H + +#include +#include "ka-applet-priv.h" + +GConfClient* ka_gconf_init (KaApplet* applet); + +#endif diff --git a/src/ka-plugin-loader.c b/src/ka-plugin-loader.c new file mode 100644 index 0000000..2321215 --- /dev/null +++ b/src/ka-plugin-loader.c @@ -0,0 +1,204 @@ +/* + * Copyright (C) 2010 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#include + +#include "ka-plugin-loader.h" +#include "ka-plugin.h" +#include "ka-applet-priv.h" +#include "ka-gconf-tools.h" + +#include + +G_DEFINE_TYPE (KaPluginLoader, ka_plugin_loader, G_TYPE_OBJECT) + +#define GET_PRIVATE(o) \ + (G_TYPE_INSTANCE_GET_PRIVATE ((o), KA_TYPE_PLUGIN_LOADER, KaPluginLoaderPrivate)) + +typedef struct _KaPluginLoaderPrivate KaPluginLoaderPrivate; + +struct _KaPluginLoaderPrivate { + KaApplet *applet; + GSList *active_plugins; +}; + + +static KaPlugin* +load_plugin (const char *path) +{ + KaPlugin *plugin = NULL; + GModule *module; + KaPluginCreateFunc plugin_create_func; + int *major_plugin_version, *minor_plugin_version; + + module = g_module_open (path, G_MODULE_BIND_LAZY); + if (!module) { + g_warning ("Could not load plugin %s: %s", path, g_module_error ()); + return NULL; + } + + if (!g_module_symbol (module, "ka_plugin_major_version",(gpointer *) &major_plugin_version)) { + g_warning ("Could not load plugin %s: Missing major version info", path); + goto out; + } + + if (*major_plugin_version != KA_PLUGIN_MAJOR_VERSION) { + g_warning ("Could not load plugin %s: Plugin major version %d, %d is required", + path, *major_plugin_version, KA_PLUGIN_MAJOR_VERSION); + goto out; + } + + if (!g_module_symbol (module, "ka_plugin_minor_version", (gpointer *) &minor_plugin_version)) { + g_warning ("Could not load plugin %s: Missing minor version info", path); + goto out; + } + + if (*minor_plugin_version != KA_PLUGIN_MINOR_VERSION) { + g_warning ("Could not load plugin %s: Plugin minor version %d, %d is required", + path, *minor_plugin_version, KA_PLUGIN_MINOR_VERSION); + goto out; + } + + if (!g_module_symbol (module, "ka_plugin_create", (gpointer *) &plugin_create_func)) { + g_warning ("Could not load plugin %s: %s", path, g_module_error ()); + goto out; + } + + plugin = (*plugin_create_func) (); + if (plugin) { + g_object_weak_ref (G_OBJECT (plugin), (GWeakNotify) g_module_close, module); + g_message ("Loaded plugin %s", ka_plugin_get_name (plugin)); + } else + g_warning ("Could not load plugin %s: initialization failed", path); +out: + if (!plugin) + g_module_close (module); + + return plugin; +} + + +static void +load_plugins (KaPluginLoader *self) +{ + int i; + KaPluginLoaderPrivate *priv = GET_PRIVATE (self); + const char *pname; + GConfClient *gconf; + GSList *plugins = NULL; + + if (!g_module_supported ()) { + g_warning ("GModules are not supported on your platform!"); + return; + } + gconf = ka_applet_get_gconf_client (priv->applet); + + /* For now we only load the plugins on program startup */ + ka_gconf_get_string_list(gconf, KA_GCONF_KEY_PLUGINS_ENABLED, &plugins); + if (!plugins) { + g_message ("No plugins to load"); + return ; + } + + for (i=0; (pname = g_slist_nth_data (plugins, i)) != NULL; i++) { + char *path; + char *fname; + KaPlugin *plugin; + + fname = g_strdup_printf("libka-plugin-%s.%s", pname, G_MODULE_SUFFIX); + path = g_module_build_path (KA_PLUGINS_DIR, fname); + + plugin = load_plugin (path); + if (plugin) { + ka_plugin_activate(plugin, priv->applet); + priv->active_plugins = g_slist_prepend (priv->active_plugins, plugin); + } + g_free (fname); + g_free (path); + } + g_slist_free (plugins); +} + + +static void +deactivate_plugin(gpointer plugin, gpointer user_data) +{ + KaApplet *applet = KA_APPLET (user_data); + + KA_DEBUG ("Deactivating plugin %s", ka_plugin_get_name (plugin)); + ka_plugin_deactivate (plugin, applet); +} + + +static void +ka_plugin_loader_dispose(GObject *object) +{ + KaPluginLoader *self = KA_PLUGIN_LOADER(object); + KaPluginLoaderPrivate *priv = GET_PRIVATE (self); + GObjectClass *parent_class = G_OBJECT_CLASS (ka_plugin_loader_parent_class); + + /* We need to do this before dropping the ref on applet */ + g_slist_foreach (priv->active_plugins, deactivate_plugin, priv->applet); + g_slist_free (priv->active_plugins); + + if (priv->applet) + priv->applet = NULL; + + if (parent_class->dispose != NULL) + parent_class->dispose (object); +} + + +static void +ka_plugin_loader_class_init (KaPluginLoaderClass *klass) +{ + GObjectClass *object_class = G_OBJECT_CLASS(klass); + + object_class->dispose = ka_plugin_loader_dispose; + g_type_class_add_private (klass, sizeof (KaPluginLoaderPrivate)); +} + + +static void +ka_plugin_loader_init (KaPluginLoader *self) +{ + KaPluginLoaderPrivate *priv = GET_PRIVATE (self); + priv->active_plugins = NULL; +} + + +static KaPluginLoader* +ka_plugin_loader_new (void) +{ + return g_object_new (KA_TYPE_PLUGIN_LOADER, NULL); +} + + +KaPluginLoader* +ka_plugin_loader_create (KaApplet* applet) +{ + KaPluginLoader *loader; + KaPluginLoaderPrivate *priv; + + loader = ka_plugin_loader_new(); + priv = GET_PRIVATE (loader); + priv->applet = applet; + load_plugins (loader); + + return loader; +} diff --git a/src/ka-plugin-loader.h b/src/ka-plugin-loader.h new file mode 100644 index 0000000..6f0560a --- /dev/null +++ b/src/ka-plugin-loader.h @@ -0,0 +1,58 @@ +/* + * Copyright (C) 2010 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifndef _KA_PLUGIN_LOADER +#define _KA_PLUGIN_LOADER + +#include +#include "ka-applet.h" + +G_BEGIN_DECLS + +#define KA_TYPE_PLUGIN_LOADER ka_plugin_loader_get_type() + +#define KA_PLUGIN_LOADER(obj) \ + (G_TYPE_CHECK_INSTANCE_CAST ((obj), KA_TYPE_PLUGIN_LOADER, KaPluginLoader)) + +#define KA_PLUGIN_LOADER_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_CAST ((klass), KA_TYPE_PLUGIN_LOADER, KaPluginLoaderClass)) + +#define KA_IS_PLUGIN_LOADER(obj) \ + (G_TYPE_CHECK_INSTANCE_TYPE ((obj), KA_TYPE_PLUGIN_LOADER)) + +#define KA_IS_PLUGIN_LOADER_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_TYPE ((klass), KA_TYPE_PLUGIN_LOADER)) + +#define KA_PLUGIN_LOADER_GET_CLASS(obj) \ + (G_TYPE_INSTANCE_GET_CLASS ((obj), KA_TYPE_PLUGIN_LOADER, KaPluginLoaderClass)) + +typedef struct { + GObject parent; +} KaPluginLoader; + +typedef struct { + GObjectClass parent_class; +} KaPluginLoaderClass; + +GType ka_plugin_loader_get_type (void); + +KaPluginLoader* ka_plugin_loader_create (KaApplet *applet); + +G_END_DECLS + +#endif /* _KA_PLUGIN_LOADER */ diff --git a/src/ka-plugin.c b/src/ka-plugin.c new file mode 100644 index 0000000..88fec34 --- /dev/null +++ b/src/ka-plugin.c @@ -0,0 +1,133 @@ +/* + * Copyright (C) 2010 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#include "ka-plugin.h" + +G_DEFINE_TYPE (KaPlugin, ka_plugin, G_TYPE_OBJECT) + +#define GET_PRIVATE(o) \ + (G_TYPE_INSTANCE_GET_PRIVATE ((o), KA_TYPE_PLUGIN, KaPluginPrivate)) + +enum { + PROP_0, + PROP_NAME, + LAST_PROP +}; + +typedef struct _KaPluginPrivate KaPluginPrivate; +struct _KaPluginPrivate { + char *name; +}; + +const char* +ka_plugin_get_name (KaPlugin *self) +{ + g_return_val_if_fail (KA_IS_PLUGIN (self), NULL); + KaPluginPrivate *priv = GET_PRIVATE (self); + + return priv->name; +} + + +static void +set_property (GObject *object, guint prop_id, + const GValue *value, GParamSpec *pspec) +{ + KaPluginPrivate *priv = GET_PRIVATE (object); + + switch (prop_id) { + case PROP_NAME: + /* construct only */ + priv->name = g_value_dup_string (value); + break; + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); + break; + } +} + + +static void +get_property (GObject *object, guint prop_id, + GValue *value, GParamSpec *pspec) +{ + KaPluginPrivate *priv = GET_PRIVATE (object); + + switch (prop_id) { + case PROP_NAME: + g_value_set_string (value, priv->name); + break; + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); + break; + } +} + + +static void +finalize (GObject *object) +{ + KaPluginPrivate *priv = GET_PRIVATE (object); + + g_free (priv->name); +} + + +void +ka_plugin_activate (KaPlugin *self, KaApplet *applet) +{ + g_return_if_fail (KA_IS_PLUGIN (self)); + + KA_PLUGIN_GET_CLASS (self)->activate (self, applet); +} + + +void +ka_plugin_deactivate (KaPlugin *self, KaApplet *applet) +{ + g_return_if_fail (KA_IS_PLUGIN (self)); + + KA_PLUGIN_GET_CLASS (self)->deactivate (self, applet); +} + + +static void +ka_plugin_class_init (KaPluginClass *klass) +{ + GObjectClass *object_class = G_OBJECT_CLASS (klass); + + g_type_class_add_private (klass, sizeof (KaPluginPrivate)); + + object_class->get_property = get_property; + object_class->set_property = set_property; + object_class->finalize = finalize; + + g_object_class_install_property + (object_class, PROP_NAME, + g_param_spec_string (KA_PLUGIN_PROP_NAME, + "Name", + "Plugin Name", + NULL, + G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)); +} + + +static void +ka_plugin_init (KaPlugin *self G_GNUC_UNUSED) +{ +} diff --git a/src/ka-plugin.h b/src/ka-plugin.h new file mode 100644 index 0000000..ead9b96 --- /dev/null +++ b/src/ka-plugin.h @@ -0,0 +1,75 @@ +/* + * Copyright (C) 2010 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#ifndef _KA_PLUGIN +#define _KA_PLUGIN + +#include +#include "ka-applet.h" + +G_BEGIN_DECLS + +#define KA_PLUGIN_MAJOR_VERSION 0 +#define KA_PLUGIN_MINOR_VERSION 0 + +#define KA_TYPE_PLUGIN ka_plugin_get_type() + +#define KA_PLUGIN(obj) \ + (G_TYPE_CHECK_INSTANCE_CAST ((obj), KA_TYPE_PLUGIN, KaPlugin)) + +#define KA_PLUGIN_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_CAST ((klass), KA_TYPE_PLUGIN, KaPluginClass)) + +#define KA_IS_PLUGIN(obj) \ + (G_TYPE_CHECK_INSTANCE_TYPE ((obj), KA_TYPE_PLUGIN)) + +#define KA_IS_PLUGIN_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_TYPE ((klass), KA_TYPE_PLUGIN)) + +#define KA_PLUGIN_GET_CLASS(obj) \ + (G_TYPE_INSTANCE_GET_CLASS ((obj), KA_TYPE_PLUGIN, KaPluginClass)) + +#define KA_PLUGIN_PROP_NAME "name" + +typedef struct { + GObject parent; +} KaPlugin; + +typedef struct { + GObjectClass parent_class; + + void (*activate) (KaPlugin *self, KaApplet* applet); + void (*deactivate) (KaPlugin *self, KaApplet* applet); + + /* we'll add functions for prefs handling later */ + void (*dummy1) (KaPlugin *self, KaApplet* applet); + void (*dummy2) (KaPlugin *self, KaApplet* applet); +} KaPluginClass; + +GType ka_plugin_get_type (void); + +KaPlugin* ka_plugin_new (void); + +typedef KaPlugin *(*KaPluginCreateFunc) (void); +const char* ka_plugin_get_name (KaPlugin *self); +void ka_plugin_activate (KaPlugin *self, KaApplet *applet); +void ka_plugin_deactivate (KaPlugin *self, KaApplet *applet); + +G_END_DECLS + +#endif /* _KA_PLUGIN */ diff --git a/src/ka-pwdialog.c b/src/ka-pwdialog.c new file mode 100644 index 0000000..2f8463c --- /dev/null +++ b/src/ka-pwdialog.c @@ -0,0 +1,309 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2009 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#include "config.h" + +#include + +#include "ka-applet-priv.h" +#include "ka-dialog.h" +#include "ka-pwdialog.h" + +struct _KaPwDialog { + GObject parent; + + KaPwDialogPrivate *priv; +}; + +struct _KaPwDialogClass { + GObjectClass parent; +}; + +G_DEFINE_TYPE(KaPwDialog, ka_pwdialog, G_TYPE_OBJECT); + +struct _KaPwDialogPrivate +{ + /* The password dialog */ + GtkWidget* dialog; /* the password dialog itself */ + GtkWidget* status_label; /* the wrong password/timeout label */ + GtkWidget* krb_label; /* krb5 passwort prompt label */ + GtkWidget* pw_entry; /* password entry field */ + gboolean persist; /* don't hide the dialog when creds are still valid */ + gboolean grabbed; /* keyboard grabbed? */ + GtkWidget* error_dialog; /* error dialog */ +}; + + +static void +ka_pwdialog_init(KaPwDialog *pwdialog) +{ + pwdialog->priv = G_TYPE_INSTANCE_GET_PRIVATE(pwdialog, + KA_TYPE_PWDIALOG, + KaPwDialogPrivate); +} + +static void +ka_pwdialog_finalize(GObject *object) +{ + KaPwDialog* pwdialog = KA_PWDIALOG (object); + GObjectClass *parent_class = G_OBJECT_CLASS (ka_pwdialog_parent_class); + + gtk_widget_destroy (pwdialog->priv->error_dialog); + pwdialog->priv->error_dialog = NULL; + + if (parent_class->finalize != NULL) + parent_class->finalize (object); +} + +static void +ka_pwdialog_class_init(KaPwDialogClass *klass) +{ + GObjectClass *object_class = G_OBJECT_CLASS(klass); + + object_class->finalize = ka_pwdialog_finalize; + g_type_class_add_private(klass, sizeof(KaPwDialogPrivate)); + +} + +static KaPwDialog* +ka_pwdialog_new(void) +{ + return g_object_new (KA_TYPE_PWDIALOG, NULL); +} + + +static gboolean +grab_keyboard (GtkWidget *win, GdkEvent *event, gpointer data) +{ + KaPwDialog* pwdialog = KA_PWDIALOG(data); + + GdkGrabStatus status; + if (!pwdialog->priv->grabbed) { + status = gdk_keyboard_grab (win->window, FALSE, gdk_event_get_time (event)); + if (status == GDK_GRAB_SUCCESS) + pwdialog->priv->grabbed = TRUE; + else + g_message ("could not grab keyboard: %d", (int)status); + } + return FALSE; +} + + +static gboolean +ungrab_keyboard (GtkWidget *win G_GNUC_UNUSED, + GdkEvent *event, + gpointer data) +{ + KaPwDialog* pwdialog = KA_PWDIALOG(data); + + if (pwdialog->priv->grabbed) + gdk_keyboard_ungrab (gdk_event_get_time (event)); + pwdialog->priv->grabbed = FALSE; + return FALSE; +} + + +static gboolean +window_state_changed (GtkWidget *win, GdkEventWindowState *event, gpointer data) +{ + GdkWindowState state = gdk_window_get_state (win->window); + + if (state & GDK_WINDOW_STATE_WITHDRAWN || + state & GDK_WINDOW_STATE_ICONIFIED || + state & GDK_WINDOW_STATE_FULLSCREEN || + state & GDK_WINDOW_STATE_MAXIMIZED) + ungrab_keyboard (win, (GdkEvent*)event, data); + else + grab_keyboard (win, (GdkEvent*)event, data); + + return FALSE; +} + + +gint +ka_pwdialog_run(KaPwDialog* self) +{ + GtkWidget *dialog = self->priv->dialog; + + /* cleanup old error dialog, if present (e.g. user didn't acknowledge + * the error but clicked the tray icon again) */ + if (self->priv->error_dialog) + gtk_widget_hide (self->priv->error_dialog); + + /* make sure we pop up on top */ + gtk_window_set_keep_above (GTK_WINDOW (dialog), TRUE); + + /* + * grab the keyboard so that people don't accidentally type their + * passwords in other windows. + */ + g_signal_connect (dialog, "map-event", G_CALLBACK (grab_keyboard), self); + g_signal_connect (dialog, "unmap-event", G_CALLBACK (ungrab_keyboard), self); + g_signal_connect (dialog, "window-state-event", G_CALLBACK (window_state_changed), self); + + gtk_widget_grab_focus (self->priv->pw_entry); + gtk_widget_show(dialog); + return gtk_dialog_run (GTK_DIALOG(dialog)); +} + + +void +ka_pwdialog_error(KaPwDialog* self, const char *msg) +{ + GtkWidget *dialog = self->priv->error_dialog; + + gtk_message_dialog_format_secondary_text (GTK_MESSAGE_DIALOG (dialog), + _("Couldn't acquire kerberos ticket: '%s'"), + _(msg)); + gtk_widget_show (GTK_WIDGET(dialog)); + gtk_dialog_run (GTK_DIALOG(dialog)); + gtk_widget_hide(dialog); +} + + +void +ka_pwdialog_set_persist (KaPwDialog* pwdialog, gboolean persist) +{ + pwdialog->priv->persist = persist; +} + +void +ka_pwdialog_hide (const KaPwDialog* pwdialog, gboolean force) +{ + KA_DEBUG("PW Dialog persist: %d", pwdialog->priv->persist); + if (!pwdialog->priv->persist || force) + gtk_widget_hide(pwdialog->priv->dialog); +} + +const gchar* +ka_pwdialog_get_password(KaPwDialog *pwdialog) +{ + return gtk_secure_entry_get_text (GTK_SECURE_ENTRY (pwdialog->priv->pw_entry)); +} + +gboolean +ka_pwdialog_status_update (KaPwDialog* pwdialog) +{ + gchar *expiry_text; + gchar *expiry_markup; + int minutes_left = ka_tgt_valid_seconds() / 60; + + g_return_val_if_fail (pwdialog != NULL, FALSE); + if (minutes_left > 0) { + expiry_text = g_strdup_printf (ngettext("Your credentials expire in %d minute", + "Your credentials expire in %d minutes", + minutes_left), minutes_left); + } else { + expiry_text = g_strdup_printf ("%s", + _("Your credentials have expired")); + } + expiry_markup = g_strdup_printf ("%s", expiry_text); + gtk_label_set_markup (GTK_LABEL(pwdialog->priv->status_label), expiry_markup); + g_free (expiry_text); + g_free (expiry_markup); + + return TRUE; +} + +void +ka_pwdialog_setup (KaPwDialog* pwdialog, const gchar *krb5prompt, + gboolean invalid_auth) +{ + KaPwDialogPrivate *priv = pwdialog->priv; + gchar *wrong_markup = NULL; + GtkWidget *e; + gchar *prompt; + int pw4len; + + if (krb5prompt == NULL) { + prompt = g_strdup (_("Please enter your Kerberos password:")); + } else { + /* Kerberos's prompts are a mess, and basically impossible to + * translate. There's basically no way short of doing a lot of + * string parsing to translate them. The most common prompt is + * "Password for $uid:". We special case that one at least. We + * cannot do any of the fancier strings (like challenges), + * though. */ + pw4len = strlen ("Password for "); + if (strncmp (krb5prompt, "Password for ", pw4len) == 0) { + gchar *uid = (gchar *) (krb5prompt + pw4len); + prompt = g_strdup_printf (_("Please enter the password for '%s':"), uid); + } else { + prompt = g_strdup (krb5prompt); + } + } + + e = gtk_entry_new (); + gtk_secure_entry_set_invisible_char (GTK_SECURE_ENTRY (priv->pw_entry), + gtk_entry_get_invisible_char (GTK_ENTRY (e))); + gtk_widget_destroy (e); + + /* Clear the password entry field */ + gtk_secure_entry_set_text (GTK_SECURE_ENTRY (priv->pw_entry), ""); + + /* Use the prompt label that krb5 provides us */ + gtk_label_set_text (GTK_LABEL (priv->krb_label), prompt); + + /* Add our extra message hints */ + if (invalid_auth) { + wrong_markup = g_strdup_printf ("%s", + _("The password you entered is invalid")); + gtk_label_set_markup (GTK_LABEL (priv->status_label), wrong_markup); + } else + ka_pwdialog_status_update (pwdialog); + + g_free(wrong_markup); + g_free (prompt); +} + + +static GtkWidget* +ka_error_dialog_new(void) +{ + GtkWidget *dialog = gtk_message_dialog_new ( + NULL, GTK_DIALOG_DESTROY_WITH_PARENT, + GTK_MESSAGE_ERROR, GTK_BUTTONS_OK, + _("%s Error"), KA_NAME); + gtk_window_set_title(GTK_WINDOW(dialog), _(KA_NAME)); + gtk_window_set_skip_taskbar_hint(GTK_WINDOW(dialog), FALSE); + return dialog; +} + + +KaPwDialog* +ka_pwdialog_create(GtkBuilder* xml) +{ + KaPwDialog *pwdialog = ka_pwdialog_new(); + KaPwDialogPrivate *priv = pwdialog->priv; + GtkWidget *entry_hbox = NULL; + + priv->dialog = GTK_WIDGET (gtk_builder_get_object (xml, "krb5_dialog")); + priv->status_label = GTK_WIDGET (gtk_builder_get_object (xml, "krb5_status_label")); + priv->krb_label = GTK_WIDGET (gtk_builder_get_object (xml, "krb5_message_label")); + priv->pw_entry = GTK_WIDGET (gtk_secure_entry_new ()); + priv->error_dialog = ka_error_dialog_new(); + + entry_hbox = GTK_WIDGET (gtk_builder_get_object (xml, "entry_hbox")); + gtk_container_add (GTK_CONTAINER (entry_hbox), priv->pw_entry); + gtk_secure_entry_set_activates_default (GTK_SECURE_ENTRY (priv->pw_entry), TRUE); + gtk_widget_show (priv->pw_entry); + + return pwdialog; +} diff --git a/src/ka-pwdialog.h b/src/ka-pwdialog.h new file mode 100644 index 0000000..8b39402 --- /dev/null +++ b/src/ka-pwdialog.h @@ -0,0 +1,65 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2009 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#ifndef KA_PWDIALOG_H +#define KA_PWDIALOG_H + +#include +#include + +#include "config.h" +#include "gtksecentry.h" + +G_BEGIN_DECLS + +#define KA_TYPE_PWDIALOG (ka_pwdialog_get_type ()) +#define KA_PWDIALOG(obj) \ + (G_TYPE_CHECK_INSTANCE_CAST ((obj), KA_TYPE_PWDIALOG, KaPwDialog)) +#define KA_PWDIALOG_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_CAST ((klass), KA_TYPE_PWDIALOG, KaPwDialogClass)) +#define KA_IS_PWDIALOG(obj) \ + (G_TYPE_CHECK_INSTANCE_TYPE ((obj), KA_TYPE_PWDIALOG)) +#define KA_IS_PWDIALOG_CLASS(klass) \ + (G_TYPE_CHECK_CLASS_TYPE ((klass), KA_TYPE_PWDIALOG)) +#define KA_PWDIALOG_GET_CLASS(obj) \ + (G_TYPE_INSTANCE_GET_CLASS ((obj), KA_TYPE_PWDIALOG, KaPwDialogClass)) + +typedef struct _KaPwDialog KaPwDialog; +typedef struct _KaPwDialogClass KaPwDialogClass; +typedef struct _KaPwDialogPrivate KaPwDialogPrivate; + +GType ka_pwdialog_get_type (void); + +/* public functions */ +KaPwDialog* ka_pwdialog_create(GtkBuilder *xml); +/* setup everything for the next prompting */ +void ka_pwdialog_setup (KaPwDialog* pwdialog, const gchar *krb5prompt, + gboolean invalid_auth); +gint ka_pwdialog_run(KaPwDialog *pwdialog); +void ka_pwdialog_hide(const KaPwDialog *pwdialog, gboolean force); +void ka_pwdialog_set_persist(KaPwDialog *pwdialog, gboolean persist); +void ka_pwdialog_error (KaPwDialog *pwdialog, const char *msg); +/* update the expiry information in the status entry */ +gboolean ka_pwdialog_status_update (KaPwDialog *pwdialog); +const gchar* ka_pwdialog_get_password(KaPwDialog *dialog); + +G_END_DECLS + +#endif diff --git a/src/ka-tickets.c b/src/ka-tickets.c new file mode 100644 index 0000000..8734546 --- /dev/null +++ b/src/ka-tickets.c @@ -0,0 +1,115 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2009 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#include "config.h" + +#include +#include + +#include "ka-tickets.h" +#include "ka-dialog.h" + +static GtkListStore *tickets; +static GtkWidget *tickets_dialog; + +GtkWidget* +ka_tickets_dialog_create(GtkBuilder *xml) +{ + GtkCellRenderer *text_renderer, *toggle_renderer; + GtkTreeViewColumn *column; + GtkTreeView *tickets_view; + + tickets = gtk_list_store_new (N_COLUMNS, + G_TYPE_STRING, + G_TYPE_STRING, + G_TYPE_STRING, + G_TYPE_BOOLEAN, + G_TYPE_BOOLEAN, + G_TYPE_BOOLEAN); + + tickets_dialog = GTK_WIDGET (gtk_builder_get_object (xml, "krb5_tickets_dialog")); + tickets_view = GTK_TREE_VIEW (gtk_builder_get_object (xml, "krb5_tickets_treeview")); + gtk_tree_view_set_model(GTK_TREE_VIEW(tickets_view), GTK_TREE_MODEL(tickets)); + + text_renderer = gtk_cell_renderer_text_new(); + toggle_renderer = gtk_cell_renderer_toggle_new(); + + column = gtk_tree_view_column_new_with_attributes(_("Principal"), + text_renderer, + "text", + PRINCIPAL_COLUMN, + NULL); + gtk_tree_view_append_column (GTK_TREE_VIEW (tickets_view), column); + column = gtk_tree_view_column_new_with_attributes(_("Start Time"), + text_renderer, + "text", + START_TIME_COLUMN, + NULL); + gtk_tree_view_append_column (GTK_TREE_VIEW (tickets_view), column); + column = gtk_tree_view_column_new_with_attributes(_("End Time"), + text_renderer, + "markup", + END_TIME_COLUMN, + NULL); + gtk_tree_view_append_column (GTK_TREE_VIEW (tickets_view), column); + column = gtk_tree_view_column_new_with_attributes(_("Fwd"), + toggle_renderer, + "active", + FORWARDABLE_COLUMN, + NULL); + gtk_tree_view_append_column (GTK_TREE_VIEW (tickets_view), column); + column = gtk_tree_view_column_new_with_attributes(_("Proxy"), + toggle_renderer, + "active", + PROXIABLE_COLUMN, + NULL); + gtk_tree_view_append_column (GTK_TREE_VIEW (tickets_view), column); + column = gtk_tree_view_column_new_with_attributes(_("Renew"), + toggle_renderer, + "active", + RENEWABLE_COLUMN, + NULL); + gtk_tree_view_append_column (GTK_TREE_VIEW (tickets_view), column); + return tickets_dialog; +} + +void +ka_tickets_dialog_run() +{ + if (ka_get_service_tickets(tickets)) { + gtk_window_present(GTK_WINDOW(tickets_dialog)); + gtk_dialog_run(GTK_DIALOG(tickets_dialog)); + gtk_widget_hide(tickets_dialog); + } else { + GtkWidget *message_dialog; + + message_dialog = gtk_message_dialog_new (NULL, + GTK_DIALOG_DESTROY_WITH_PARENT, + GTK_MESSAGE_ERROR, + GTK_BUTTONS_CLOSE, + _("Error displaying service ticket information")); + gtk_window_set_resizable (GTK_WINDOW (message_dialog), FALSE); + + g_signal_connect (message_dialog, "response", + G_CALLBACK (gtk_widget_destroy), + NULL); + gtk_widget_show (message_dialog); + } +} diff --git a/src/ka-tickets.h b/src/ka-tickets.h new file mode 100644 index 0000000..a1002f5 --- /dev/null +++ b/src/ka-tickets.h @@ -0,0 +1,39 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2009 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#ifndef KA_TICKETS_H +#define KA_TICKETS_H + +enum ticket_columns { + PRINCIPAL_COLUMN, + START_TIME_COLUMN, + END_TIME_COLUMN, + FORWARDABLE_COLUMN, + RENEWABLE_COLUMN, + PROXIABLE_COLUMN, + N_COLUMNS +}; + + +GtkWidget* ka_tickets_dialog_create(GtkBuilder *xml); +void ka_tickets_dialog_run(void); + + +#endif diff --git a/src/ka-tools.c b/src/ka-tools.c new file mode 100644 index 0000000..177e64e --- /dev/null +++ b/src/ka-tools.c @@ -0,0 +1,57 @@ +/* + * Copyright (C) 2009 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#include "config.h" + +#include +#include "ka-tools.h" + +void +ka_show_help (GdkScreen* screen, const char* chapter, GtkWindow* window) +{ + GError *error = NULL; + const char *section = ""; + char *url; + + if (chapter) + section = chapter; + + url = g_strdup_printf("ghelp:krb5-auth-dialog%s", section); + + gtk_show_uri (screen, url, gtk_get_current_event_time (), &error); + + if (error) { + GtkWidget *message_dialog; + + message_dialog = gtk_message_dialog_new (GTK_WINDOW (window), + GTK_DIALOG_DESTROY_WITH_PARENT, + GTK_MESSAGE_ERROR, + GTK_BUTTONS_CLOSE, + _("There was an error displaying help:\n%s"), + error->message); + gtk_window_set_resizable (GTK_WINDOW (message_dialog), FALSE); + + g_signal_connect (message_dialog, "response", + G_CALLBACK (gtk_widget_destroy), + NULL); + + gtk_widget_show (message_dialog); + g_error_free (error); + } + g_free (url); +} diff --git a/src/ka-tools.h b/src/ka-tools.h new file mode 100644 index 0000000..f97791b --- /dev/null +++ b/src/ka-tools.h @@ -0,0 +1,32 @@ +/* Krb5 Auth Applet -- Acquire and release kerberos tickets + * + * (C) 2009 Guido Guenther + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + * + */ + +#ifndef KA_TOOLS +#define KA_TOOLS + +#include + +G_BEGIN_DECLS + +void ka_show_help (GdkScreen* screen, const char* section, GtkWindow* window); + +G_END_DECLS + +#endif diff --git a/src/krb5-auth-applet-dbus.xml b/src/krb5-auth-applet-dbus.xml deleted file mode 100644 index 0908ec6..0000000 --- a/src/krb5-auth-applet-dbus.xml +++ /dev/null @@ -1,31 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/src/krb5-auth-applet.c b/src/krb5-auth-applet.c deleted file mode 100644 index dd621a0..0000000 --- a/src/krb5-auth-applet.c +++ /dev/null @@ -1,919 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2008,2009,2010 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ - -#include "config.h" - -#include - -#include "krb5-auth-applet.h" -#include "krb5-auth-dialog.h" -#include "krb5-auth-gconf-tools.h" -#include "krb5-auth-gconf.h" -#include "krb5-auth-tools.h" -#include "krb5-auth-tickets.h" -#ifdef HAVE_LIBNOTIFY -#include -#endif - -#define NOTIFY_SECONDS 300 - -enum ka_icon { - inv_icon = 0, - exp_icon, - val_icon, -}; - -enum -{ - KA_PROP_0 = 0, - KA_PROP_PRINCIPAL, - KA_PROP_PK_USERID, - KA_PROP_PK_ANCHORS, - KA_PROP_TRAYICON, - KA_PROP_PW_PROMPT_MINS, - KA_PROP_TGT_FORWARDABLE, - KA_PROP_TGT_PROXIABLE, - KA_PROP_TGT_RENEWABLE, -}; - -struct _KaApplet { - GObject parent; - - KaAppletPrivate *priv; -}; - -struct _KaAppletClass { - GObjectClass parent; - - guint signals [KA_SIGNAL_COUNT]; -}; - -G_DEFINE_TYPE(KaApplet, ka_applet, G_TYPE_OBJECT); - -struct _KaAppletPrivate -{ - GtkBuilder *uixml; - GtkStatusIcon* tray_icon; /* the tray icon */ - GtkWidget* context_menu; /* the tray icon's context menu */ - const char* icons[3]; /* for invalid, expiring and valid tickts */ - gboolean show_trayicon; /* show the trayicon */ - - KaPwDialog *pwdialog; /* the password dialog */ - int pw_prompt_secs; /* when to start prompting for a password */ - -#ifdef HAVE_LIBNOTIFY - NotifyNotification* notification;/* notification messages */ -#endif /* HAVE_LIBNOTIFY */ - const char* notify_gconf_key; /* disable notification gconf key */ - char* principal; /* the principal to request */ - gboolean renewable; /* credentials renewable? */ - char* pk_userid; /* "userid" for pkint */ - char* pk_anchors; /* trust anchors for pkint */ - gboolean tgt_forwardable; /* request a forwardable ticket */ - gboolean tgt_renewable; /* request a renewable ticket */ - gboolean tgt_proxiable; /* request a proxiable ticket */ - - GConfClient *gconf; /* gconf client */ -}; - -static void -ka_applet_set_property (GObject *object, - guint property_id, - const GValue *value, - GParamSpec *pspec) -{ - KaApplet* self = KA_APPLET (object); - - switch (property_id) { - case KA_PROP_PRINCIPAL: - g_free (self->priv->principal); - self->priv->principal = g_value_dup_string (value); - KA_DEBUG ("%s: %s", pspec->name, self->priv->principal); - break; - - case KA_PROP_PK_USERID: - g_free (self->priv->pk_userid); - self->priv->pk_userid = g_value_dup_string (value); - KA_DEBUG ("%s: %s", pspec->name, self->priv->pk_userid); - break; - - case KA_PROP_PK_ANCHORS: - g_free (self->priv->pk_anchors); - self->priv->pk_anchors = g_value_dup_string (value); - KA_DEBUG ("%s: %s", pspec->name, self->priv->pk_anchors); - break; - - case KA_PROP_TRAYICON: - self->priv->show_trayicon = g_value_get_boolean (value); - KA_DEBUG ("%s: %s", pspec->name, self->priv->show_trayicon ? "True" : "False"); - break; - - case KA_PROP_PW_PROMPT_MINS: - self->priv->pw_prompt_secs = g_value_get_uint (value) * 60; - KA_DEBUG ("%s: %d", pspec->name, self->priv->pw_prompt_secs/60); - break; - - case KA_PROP_TGT_FORWARDABLE: - self->priv->tgt_forwardable = g_value_get_boolean (value); - KA_DEBUG ("%s: %s", pspec->name, self->priv->tgt_forwardable ? "True" : "False"); - break; - - case KA_PROP_TGT_PROXIABLE: - self->priv->tgt_proxiable = g_value_get_boolean (value); - KA_DEBUG ("%s: %s", pspec->name, self->priv->tgt_proxiable ? "True" : "False"); - break; - - case KA_PROP_TGT_RENEWABLE: - self->priv->tgt_renewable = g_value_get_boolean (value); - KA_DEBUG ("%s: %s", pspec->name, self->priv->tgt_renewable ? "True" : "False"); - break; - - default: - /* We don't have any other property... */ - G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec); - break; - } -} - -static void -ka_applet_get_property (GObject *object, - guint property_id, - GValue *value, - GParamSpec *pspec) -{ - KaApplet *self = KA_APPLET (object); - - switch (property_id) - { - case KA_PROP_PRINCIPAL: - g_value_set_string (value, self->priv->principal); - break; - - case KA_PROP_PK_USERID: - g_value_set_string (value, self->priv->pk_userid); - break; - - case KA_PROP_PK_ANCHORS: - g_value_set_string (value, self->priv->pk_anchors); - break; - - case KA_PROP_TRAYICON: - g_value_set_boolean (value, self->priv->show_trayicon); - break; - - case KA_PROP_PW_PROMPT_MINS: - g_value_set_uint (value, self->priv->pw_prompt_secs / 60); - break; - - case KA_PROP_TGT_FORWARDABLE: - g_value_set_boolean (value, self->priv->tgt_forwardable); - break; - - case KA_PROP_TGT_PROXIABLE: - g_value_set_boolean (value, self->priv->tgt_proxiable); - break; - - case KA_PROP_TGT_RENEWABLE: - g_value_set_boolean (value, self->priv->tgt_renewable); - break; - - default: - G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec); - break; - } -} - - -static void -ka_applet_dispose(GObject* object) -{ - KaApplet* applet = KA_APPLET(object); - GObjectClass *parent_class = G_OBJECT_CLASS (ka_applet_parent_class); - - if (applet->priv->tray_icon) { - g_object_unref(applet->priv->tray_icon); - applet->priv->tray_icon = NULL; - } - if (applet->priv->pwdialog) { - g_object_unref(applet->priv->pwdialog); - applet->priv->pwdialog = NULL; - } - if (applet->priv->uixml) { - g_object_unref(applet->priv->uixml); - applet->priv->uixml = NULL; - } - - if (parent_class->dispose != NULL) - parent_class->dispose (object); -} - - -static void -ka_applet_finalize(GObject *object) -{ - KaApplet* applet = KA_APPLET(object); - GObjectClass *parent_class = G_OBJECT_CLASS (ka_applet_parent_class); - - g_free (applet->priv->principal); - g_free (applet->priv->pk_userid); - g_free (applet->priv->pk_anchors); - /* no need to free applet->priv */ - - if (parent_class->finalize != NULL) - parent_class->finalize (object); -} - -static void -ka_applet_init(KaApplet *applet) -{ - applet->priv = G_TYPE_INSTANCE_GET_PRIVATE(applet, - KA_TYPE_APPLET, - KaAppletPrivate); -} - -static void -ka_applet_class_init(KaAppletClass *klass) -{ - GObjectClass *object_class = G_OBJECT_CLASS(klass); - GParamSpec *pspec; - const gchar *signalNames [ KA_SIGNAL_COUNT ] = { - "krb-tgt-acquired", - "krb-tgt-renewed", - "krb-tgt-expired"}; - int i; - - object_class->dispose = ka_applet_dispose; - object_class->finalize = ka_applet_finalize; - g_type_class_add_private(klass, sizeof(KaAppletPrivate)); - - object_class->set_property = ka_applet_set_property; - object_class->get_property = ka_applet_get_property; - - pspec = g_param_spec_string ("principal", - "Principal", - "Get/Set Kerberos principal", - "", - G_PARAM_CONSTRUCT | G_PARAM_READWRITE); - g_object_class_install_property (object_class, - KA_PROP_PRINCIPAL, - pspec); - - pspec = g_param_spec_string ("pk-userid", - "PKinit identifier", - "Get/Set Pkinit identifier", - "", - G_PARAM_CONSTRUCT | G_PARAM_READWRITE); - g_object_class_install_property (object_class, - KA_PROP_PK_USERID, - pspec); - - pspec = g_param_spec_string ("pk-anchors", - "PKinit trust anchors", - "Get/Set Pkinit trust anchors", - "", - G_PARAM_CONSTRUCT | G_PARAM_READWRITE); - g_object_class_install_property (object_class, - KA_PROP_PK_ANCHORS, - pspec); - - pspec = g_param_spec_boolean("show-trayicon", - "Show tray icon", - "Show/Hide the tray icon", - TRUE, - G_PARAM_CONSTRUCT | G_PARAM_READWRITE); - g_object_class_install_property (object_class, - KA_PROP_TRAYICON, - pspec); - - pspec = g_param_spec_uint ("pw-prompt-mins", - "Password prompting interval", - "Password prompting interval in minutes", - 0, G_MAXUINT, MINUTES_BEFORE_PROMPTING, - G_PARAM_CONSTRUCT | G_PARAM_READWRITE); - g_object_class_install_property (object_class, - KA_PROP_PW_PROMPT_MINS, - pspec); - - pspec = g_param_spec_boolean("tgt-forwardable", - "Forwardable ticket", - "wether to request forwardable tickets", - FALSE, - G_PARAM_CONSTRUCT | G_PARAM_READWRITE); - g_object_class_install_property (object_class, - KA_PROP_TGT_FORWARDABLE, - pspec); - - pspec = g_param_spec_boolean("tgt-proxiable", - "Proxiable ticket", - "wether to request proxiable tickets", - FALSE, - G_PARAM_CONSTRUCT | G_PARAM_READWRITE); - g_object_class_install_property (object_class, - KA_PROP_TGT_PROXIABLE, - pspec); - - pspec = g_param_spec_boolean("tgt-renewable", - "Renewable ticket", - "wether to request renewable tickets", - FALSE, - G_PARAM_CONSTRUCT | G_PARAM_READWRITE); - g_object_class_install_property (object_class, - KA_PROP_TGT_RENEWABLE, - pspec); - - for (i = 0; i < KA_SIGNAL_COUNT ; i++) { - guint signalId; - signalId = - g_signal_new ( signalNames [i], - G_OBJECT_CLASS_TYPE ( klass ), - G_SIGNAL_RUN_LAST, - 0, - NULL, - NULL, - g_cclosure_marshal_VOID__STRING, - G_TYPE_NONE, - 2, /* number of parameters */ - G_TYPE_STRING, - G_TYPE_UINT); - klass->signals [i] = signalId ; - } -} - - -static KaApplet* -ka_applet_new(void) -{ - return g_object_new (KA_TYPE_APPLET, NULL); -} - - -/* determine the new tooltip text */ -static char* -ka_applet_tooltip_text(int remaining) -{ - int hours, minutes; - gchar* tooltip_text; - - if (remaining > 0) { - if (remaining >= 3600) { - hours = remaining / 3600; - minutes = (remaining % 3600) / 60; - /* Translators: First number is hours, second number is minutes */ - tooltip_text = g_strdup_printf (_("Your credentials expire in %.2d:%.2dh"), hours, minutes); - } else { - minutes = remaining / 60; - tooltip_text = g_strdup_printf (ngettext( - "Your credentials expire in %d minute", - "Your credentials expire in %d minutes", - minutes), minutes); - } - } else - tooltip_text = g_strdup (_("Your credentials have expired")); - return tooltip_text; -} - - -/* determine the current icon */ -static const char* -ka_applet_select_icon(KaApplet* applet, int remaining) -{ - enum ka_icon tray_icon = inv_icon; - - if (remaining > 0) { - if (remaining < applet->priv->pw_prompt_secs && - !applet->priv->renewable) - tray_icon = exp_icon; - else - tray_icon = val_icon; - } - - return applet->priv->icons[tray_icon]; -} - - -#ifdef HAVE_LIBNOTIFY -static gboolean -ka_show_notification (KaApplet *applet) -{ - /* wait for the panel to be settled before showing a bubble */ - if (gtk_status_icon_is_embedded (applet->priv->tray_icon)) { - GError *error = NULL; - gboolean ret; - - ret = notify_notification_show (applet->priv->notification, &error); - if (!ret) { - g_assert (error); - g_assert (error->message); - g_warning ("Failed to show notification: %s", error->message); - g_clear_error (&error); - } - } else { - g_timeout_add_seconds (5, (GSourceFunc)ka_show_notification, applet); - } - return FALSE; -} - - -static void -ka_notify_action_cb (NotifyNotification *notification G_GNUC_UNUSED, - gchar *action, gpointer user_data) -{ - KaApplet *self = KA_APPLET (user_data); - - if (strcmp (action, "dont-show-again") == 0) { - KA_DEBUG ("turning of notification %s", self->priv->notify_gconf_key); - ka_gconf_set_bool (self->priv->gconf, - self->priv->notify_gconf_key, - FALSE); - self->priv->notify_gconf_key = NULL; - } else { - g_warning("unkonwn action for callback"); - } -} - - -static void -ka_send_event_notification (KaApplet *applet, - const char *summary, - const char *message, - const char *icon, - const char *action) -{ - const char *notify_icon; - - g_return_if_fail (applet != NULL); - g_return_if_fail (summary != NULL); - g_return_if_fail (message != NULL); - - if (!notify_is_initted ()) - notify_init (PACKAGE); - - if (applet->priv->notification != NULL) { - notify_notification_close (applet->priv->notification, NULL); - g_object_unref (applet->priv->notification); - } - - notify_icon = icon ? icon : "krb-valid-ticket"; - - applet->priv->notification = \ - notify_notification_new_with_status_icon(summary, - message, - notify_icon, - applet->priv->tray_icon); - - notify_notification_set_urgency (applet->priv->notification, NOTIFY_URGENCY_NORMAL); - notify_notification_add_action (applet->priv->notification, - action, - _("Don't show me this again"), - (NotifyActionCallback) ka_notify_action_cb, - applet, NULL); - ka_show_notification (applet); -} -#else -static void -ka_send_event_notification (KaApplet *applet G_GNUC_UNUSED, - const char *summary G_GNUC_UNUSED, - const char *message G_GNUC_UNUSED, - const char *icon G_GNUC_UNUSED, - const char *action G_GNUC_UNUSED) -{ -} -#endif /* ! HAVE_LIBNOTIFY */ - - -/* - * update the tray icon's tooltip and icon - * and notify listeners about acquired/expiring tickets via signals - */ -int -ka_applet_update_status(KaApplet* applet, krb5_timestamp expiry) -{ - int now = time(0); - int remaining = expiry - now; - static int last_warn = 0; - static gboolean expiry_notified = FALSE; - gboolean notify = TRUE; - const char* tray_icon = ka_applet_select_icon (applet, remaining); - char* tooltip_text = ka_applet_tooltip_text (remaining); - - if (remaining > 0) { - if (expiry_notified) { - ka_gconf_get_bool(applet->priv->gconf, - KA_GCONF_KEY_NOTIFY_VALID, - ¬ify); - if (notify) { - applet->priv->notify_gconf_key = KA_GCONF_KEY_NOTIFY_VALID; - ka_send_event_notification (applet, - _("Network credentials valid"), - _("You've refreshed your Kerberos credentials."), - "krb-valid-ticket", - "dont-show-again"); - } - ka_applet_signal_emit (applet, KA_SIGNAL_ACQUIRED_TGT, expiry); - expiry_notified = FALSE; - } else if (remaining < applet->priv->pw_prompt_secs && (now - last_warn) > NOTIFY_SECONDS && - !applet->priv->renewable) { - ka_gconf_get_bool(applet->priv->gconf, - KA_GCONF_KEY_NOTIFY_EXPIRING, - ¬ify); - if (notify) { - applet->priv->notify_gconf_key = KA_GCONF_KEY_NOTIFY_EXPIRING; - ka_send_event_notification (applet, - _("Network credentials expiring"), - tooltip_text, - "krb-expiring-ticket", - "dont-show-again"); - } - last_warn = now; - } - } else { - if (!expiry_notified) { - ka_gconf_get_bool(applet->priv->gconf, - KA_GCONF_KEY_NOTIFY_EXPIRED, - ¬ify); - if (notify) { - applet->priv->notify_gconf_key = KA_GCONF_KEY_NOTIFY_EXPIRED; - ka_send_event_notification (applet, - _("Network credentials expired"), - _("Your Kerberos credentails have expired."), - "krb-no-valid-ticket", - "dont-show-again"); - } - ka_applet_signal_emit (applet, KA_SIGNAL_EXPIRED_TGT, expiry); - expiry_notified = TRUE; - last_warn = 0; - } - } - - gtk_status_icon_set_from_icon_name (applet->priv->tray_icon, tray_icon); - gtk_status_icon_set_tooltip_text (applet->priv->tray_icon, tooltip_text); - g_free(tooltip_text); - return 0; -} - - -static void -ka_applet_menu_add_separator_item (GtkWidget* menu) -{ - GtkWidget* menu_item; - - menu_item = gtk_separator_menu_item_new (); - gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); - gtk_widget_show (menu_item); -} - -static void -ka_applet_cb_preferences (GtkWidget* menuitem G_GNUC_UNUSED, - gpointer user_data G_GNUC_UNUSED) -{ - GError *error = NULL; - - g_spawn_command_line_async (BIN_DIR - G_DIR_SEPARATOR_S - "krb5-auth-dialog-preferences", - &error); - if (error) { - GtkWidget *message_dialog; - - message_dialog = gtk_message_dialog_new (NULL, - GTK_DIALOG_DESTROY_WITH_PARENT, - GTK_MESSAGE_ERROR, - GTK_BUTTONS_CLOSE, - _("There was an error launching the preferences dialog: %s"), - error->message); - gtk_window_set_resizable (GTK_WINDOW (message_dialog), FALSE); - - g_signal_connect (message_dialog, "response", - G_CALLBACK (gtk_widget_destroy), - NULL); - gtk_widget_show (message_dialog); - g_error_free (error); - } -} - - -/* Free all resources and quit */ -static void -ka_applet_cb_quit (GtkMenuItem* menuitem G_GNUC_UNUSED, gpointer user_data) -{ - KaApplet* applet = KA_APPLET(user_data); - - g_object_unref (applet); - gtk_main_quit (); -} - - -static void -ka_about_dialog_url_hook (GtkAboutDialog *about, - const gchar *alink, - gpointer data G_GNUC_UNUSED) -{ - GError *error = NULL; - - gtk_show_uri(gtk_window_get_screen (GTK_WINDOW (about)), - alink, gtk_get_current_event_time(), &error); - - if (error) { - GtkWidget *message_dialog; - - message_dialog = gtk_message_dialog_new (GTK_WINDOW (about), - GTK_DIALOG_DESTROY_WITH_PARENT, - GTK_MESSAGE_ERROR, - GTK_BUTTONS_CLOSE, - _("There was an error displaying %s:\n%s"), - alink, error->message); - gtk_window_set_resizable (GTK_WINDOW (message_dialog), FALSE); - - g_signal_connect (message_dialog, "response", - G_CALLBACK (gtk_widget_destroy), - NULL); - gtk_widget_show (message_dialog); - g_error_free (error); - } -} - - -static void -ka_applet_cb_about_dialog (GtkMenuItem* menuitem G_GNUC_UNUSED, - gpointer user_data G_GNUC_UNUSED) -{ - const gchar* authors[] = { - "Christopher Aillon ", - "Jonathan Blandford ", - "Colin Walters ", - "Guido Günther ", - NULL }; - - gtk_about_dialog_set_url_hook (ka_about_dialog_url_hook, NULL, NULL); - gtk_show_about_dialog (NULL, - "authors", authors, - "version", VERSION, - "logo-icon-name", "krb-valid-ticket", - "copyright", - "Copyright (C) 2004,2005,2006 Red Hat, Inc.,\n" - "2008,2009 Guido Günther", - "website-label", PACKAGE " website", - "website", "https://honk.sigxcpu.org/piki/projects/krb5-auth-dialog/", - "license", "GNU General Public License Version 2", - /* Translators: add the translators of your language here */ - "translator-credits", _("translator-credits"), - NULL); -} - - -static void -ka_applet_cb_show_help (GtkMenuItem* menuitem G_GNUC_UNUSED, - gpointer user_data) -{ - KaApplet *applet = KA_APPLET(user_data); - - ka_show_help (gtk_status_icon_get_screen(applet->priv->tray_icon), NULL, NULL); -} - - -static void -ka_applet_cb_destroy_ccache(GtkMenuItem* menuitem G_GNUC_UNUSED, - gpointer user_data) -{ - KaApplet *applet = KA_APPLET(user_data); - ka_destroy_ccache(applet); -} - -static void -ka_applet_cb_show_tickets(GtkMenuItem* menuitem G_GNUC_UNUSED, - gpointer user_data G_GNUC_UNUSED) -{ - ka_tickets_dialog_run(); -} - - -/* The tray icon's context menu */ -static gboolean -ka_applet_create_context_menu (KaApplet* applet) -{ - GtkWidget* menu; - GtkWidget* menu_item; - GtkWidget* image; - - menu = gtk_menu_new (); - - /* kdestroy */ - menu_item = gtk_image_menu_item_new_with_mnemonic (_("Remove Credentials _Cache")); - g_signal_connect (G_OBJECT (menu_item), "activate", - G_CALLBACK (ka_applet_cb_destroy_ccache), applet); - image = gtk_image_new_from_stock (GTK_STOCK_CANCEL, GTK_ICON_SIZE_MENU); - gtk_image_menu_item_set_image (GTK_IMAGE_MENU_ITEM (menu_item), image); - gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); - - ka_applet_menu_add_separator_item (menu); - - /* Ticket dialog */ - menu_item = gtk_image_menu_item_new_with_mnemonic("_List Tickets"); - g_signal_connect (G_OBJECT (menu_item), "activate", - G_CALLBACK (ka_applet_cb_show_tickets), applet); - gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); - - /* Preferences */ - menu_item = gtk_image_menu_item_new_from_stock(GTK_STOCK_PREFERENCES, NULL); - g_signal_connect (G_OBJECT (menu_item), "activate", - G_CALLBACK (ka_applet_cb_preferences), applet); - gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); - - /* About item */ - menu_item = gtk_image_menu_item_new_from_stock(GTK_STOCK_HELP, NULL); - g_signal_connect (G_OBJECT (menu_item), "activate", - G_CALLBACK (ka_applet_cb_show_help), applet); - gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); - - /* About item */ - menu_item = gtk_image_menu_item_new_from_stock(GTK_STOCK_ABOUT, NULL); - g_signal_connect (G_OBJECT (menu_item), "activate", - G_CALLBACK (ka_applet_cb_about_dialog), applet); - gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); - - ka_applet_menu_add_separator_item (menu); - - /* Quit */ - menu_item = gtk_image_menu_item_new_from_stock(GTK_STOCK_QUIT, NULL); - g_signal_connect (G_OBJECT (menu_item), "activate", - G_CALLBACK (ka_applet_cb_quit), applet); - gtk_menu_shell_append (GTK_MENU_SHELL (menu), menu_item); - - gtk_widget_show_all (menu); - applet->priv->context_menu = menu; - - return TRUE; -} - - -static void -ka_tray_icon_on_menu (GtkStatusIcon* status_icon G_GNUC_UNUSED, - guint button, - guint activate_time, - gpointer user_data) -{ - KaApplet *applet = KA_APPLET(user_data); - - KA_DEBUG("Trayicon right clicked: %d", applet->priv->pw_prompt_secs); - gtk_menu_popup (GTK_MENU (applet->priv->context_menu), NULL, NULL, - gtk_status_icon_position_menu, applet->priv->tray_icon, - button, activate_time); -} - - -static gboolean -ka_tray_icon_on_click (GtkStatusIcon* status_icon G_GNUC_UNUSED, - gpointer data) -{ - KaApplet *applet = KA_APPLET(data); - - KA_DEBUG("Trayicon clicked: %d", applet->priv->pw_prompt_secs); - ka_grab_credentials (applet); - return TRUE; -} - - -static gboolean -ka_applet_cb_show_trayicon (KaApplet* applet, - GParamSpec* property G_GNUC_UNUSED, - gpointer data G_GNUC_UNUSED) -{ - g_return_val_if_fail (applet != NULL, FALSE); - g_return_val_if_fail (applet->priv->tray_icon != NULL, FALSE); - - gtk_status_icon_set_visible (applet->priv->tray_icon, applet->priv->show_trayicon); - return TRUE; -} - - -static gboolean -ka_applet_create_tray_icon (KaApplet* applet) -{ - GtkStatusIcon* tray_icon; - - tray_icon = gtk_status_icon_new (); - - g_signal_connect (G_OBJECT(tray_icon), "activate", - G_CALLBACK(ka_tray_icon_on_click), applet); - g_signal_connect (G_OBJECT(tray_icon), - "popup-menu", - G_CALLBACK(ka_tray_icon_on_menu), applet); - gtk_status_icon_set_from_icon_name (tray_icon, applet->priv->icons[exp_icon]); - gtk_status_icon_set_tooltip_text (tray_icon, PACKAGE); - gtk_status_icon_set_title (tray_icon, KA_NAME); - applet->priv->tray_icon = tray_icon; - return TRUE; -} - -static int -ka_applet_setup_icons (KaApplet* applet) -{ - /* Add application specific icons to search path */ - gtk_icon_theme_append_search_path (gtk_icon_theme_get_default (), - DATA_DIR G_DIR_SEPARATOR_S "icons"); - applet->priv->icons[val_icon] = "krb-valid-ticket"; - applet->priv->icons[exp_icon] = "krb-expiring-ticket"; - applet->priv->icons[inv_icon] = "krb-no-valid-ticket"; - return TRUE; -} - -guint -ka_applet_get_pw_prompt_secs(const KaApplet* applet) -{ - return applet->priv->pw_prompt_secs; -} - -gboolean -ka_applet_get_show_trayicon(const KaApplet* applet) -{ - return applet->priv->show_trayicon; -} - -void -ka_applet_set_tgt_renewable(KaApplet* applet, gboolean renewable) -{ - applet->priv->renewable = renewable; -} - -gboolean -ka_applet_get_tgt_renewable(const KaApplet* applet) -{ - return applet->priv->renewable; -} - -KaPwDialog* -ka_applet_get_pwdialog(const KaApplet* applet) -{ - return applet->priv->pwdialog; -} - -void -ka_applet_signal_emit (KaApplet* this, KaAppletSignalNumber signum, - krb5_timestamp expiry) -{ - KaAppletClass *klass = KA_APPLET_GET_CLASS (this); - char *princ; - - princ = ka_unparse_name (); - if (!princ) - return; - - g_signal_emit (this, klass->signals[signum], 0, princ, (guint32)expiry); - g_free (princ); -} - -/* create the tray icon applet */ -KaApplet* -ka_applet_create() -{ - KaApplet* applet = ka_applet_new(); - GError *error = NULL; - gboolean ret; - - if (!(ka_applet_setup_icons (applet))) - g_error ("Failure to setup icons"); - if (!ka_applet_create_tray_icon (applet)) - g_error ("Failure to create tray icon"); - if (!ka_applet_create_context_menu (applet)) - g_error ("Failure to create context menu"); - gtk_window_set_default_icon_name (applet->priv->icons[val_icon]); - g_signal_connect (applet, "notify::show-trayicon", - G_CALLBACK (ka_applet_cb_show_trayicon), NULL); - - applet->priv->uixml = gtk_builder_new(); - ret = gtk_builder_add_from_file(applet->priv->uixml, - KA_DATA_DIR G_DIR_SEPARATOR_S - PACKAGE ".xml", &error); - if (!ret) { - g_assert (error); - g_assert (error->message); - g_error ("Failed to load UI XML: %s", error->message); - } - applet->priv->pwdialog = ka_pwdialog_create(applet->priv->uixml); - g_return_val_if_fail (applet->priv->pwdialog != NULL, NULL); - - applet->priv->gconf = ka_gconf_init (applet); - g_return_val_if_fail (applet->priv->gconf != NULL, NULL); - - ka_tickets_dialog_create(applet->priv->uixml); - - return applet; -} - diff --git a/src/krb5-auth-applet.h b/src/krb5-auth-applet.h deleted file mode 100644 index e0f32e4..0000000 --- a/src/krb5-auth-applet.h +++ /dev/null @@ -1,85 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2008 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ - -#ifndef KRB5_AUTH_APPLET_H -#define KRB5_AUTH_APPLET_H - -#include -#include -#include - -#include "config.h" -#include "krb5-auth-pwdialog.h" - -#define KA_NAME _("Network Authentication") - -G_BEGIN_DECLS - -#define KA_TYPE_APPLET (ka_applet_get_type ()) -#define KA_APPLET(obj) \ - (G_TYPE_CHECK_INSTANCE_CAST ((obj), KA_TYPE_APPLET, KaApplet)) -#define KA_APPLET_CLASS(klass) \ - (G_TYPE_CHECK_CLASS_CAST ((klass), KA_TYPE_APPLET, KaAppletClass)) -#define KA_IS_APPLET(obj) \ - (G_TYPE_CHECK_INSTANCE_TYPE ((obj), KA_TYPE_APPLET)) -#define KA_IS_APPLET_CLASS(klass) \ - (G_TYPE_CHECK_CLASS_TYPE ((klass), KA_TYPE_APPLET)) -#define KA_APPLET_GET_CLASS(obj) \ - (G_TYPE_INSTANCE_GET_CLASS ((obj), KA_TYPE_APPLET, KaAppletClass)) - -typedef struct _KaApplet KaApplet; -typedef struct _KaAppletClass KaAppletClass; -typedef struct _KaAppletPrivate KaAppletPrivate; - -GType ka_applet_get_type (void); - -/* signals emitted by KaApplet */ -typedef enum { - KA_SIGNAL_ACQUIRED_TGT, /* New TGT acquired */ - KA_SIGNAL_RENEWED_TGT, /* TGT got renewed */ - KA_SIGNAL_EXPIRED_TGT, /* TGT expired or ticket cache got destroyed */ - KA_SIGNAL_COUNT -} KaAppletSignalNumber; - -/* public functions */ -gboolean ka_applet_get_show_trayicon(const KaApplet* applet); -void ka_applet_set_tgt_renewable(KaApplet* applet, gboolean renewable); -gboolean ka_applet_get_tgt_renewable(const KaApplet* applet); -guint ka_applet_get_pw_prompt_secs(const KaApplet* applet); -KaPwDialog* ka_applet_get_pwdialog(const KaApplet* applet); -void ka_applet_signal_emit(KaApplet* applet, KaAppletSignalNumber signum, - krb5_timestamp expiry); - -/* create the applet */ -KaApplet* ka_applet_create(void); -/* update tooltip and icon */ -int ka_applet_update_status(KaApplet* applet, krb5_timestamp expiry); - -G_END_DECLS - -#ifdef ENABLE_DEBUG -#define KA_DEBUG(fmt,...) \ - g_printf ("DEBUG: %s: " fmt "\n", __func__, ##__VA_ARGS__) -#else -#define KA_DEBUG(fmt,...) \ - do { } while (0) -#endif /* !ENABLE_DEBUG */ - -#endif diff --git a/src/krb5-auth-dbus.c b/src/krb5-auth-dbus.c deleted file mode 100644 index 94ab18d..0000000 --- a/src/krb5-auth-dbus.c +++ /dev/null @@ -1,120 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2008,2009 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ - -#include "config.h" - -#include -#include "krb5-auth-applet.h" -#include "krb5-auth-dialog.h" -#include "krb5-auth-dbus.h" -#include "krb5-auth-applet-dbus-glue.h" - -static DBusGConnection *session; - -gboolean -ka_dbus_acquire_tgt (KaApplet *applet, - const gchar *principal, DBusGMethodInvocation *context) -{ - gboolean success; - - KA_DEBUG("Getting TGT for '%s'", principal); - success = ka_check_credentials(applet, principal); - dbus_g_method_return(context, success); - return TRUE; -} - - -gboolean -ka_dbus_destroy_ccache(KaApplet* applet, DBusGMethodInvocation *context) -{ - gboolean success; - - KA_DEBUG("Destroying ticket cache"); - success = ka_destroy_ccache (applet); - dbus_g_method_return(context, success); - return TRUE; -} - - -gboolean -ka_dbus_service(KaApplet* applet) -{ - dbus_g_connection_register_g_object (session, - "/org/gnome/KrbAuthDialog", - G_OBJECT(applet)); - return TRUE; -} - - -gboolean -ka_dbus_connect(unsigned int* status) -{ - guint request_name_reply; - unsigned int flags; - DBusGProxy *bus_proxy; - GError *error = NULL; - - /* Connect to the session bus so we get exit-on-disconnect semantics. */ - session = dbus_g_bus_get(DBUS_BUS_SESSION, &error); - if (session == NULL) { - g_error ("couldn't connect to session bus: %s", (error) ? error->message : "(null)"); - *status = 1; - g_clear_error (&error); - return FALSE; - } - flags = DBUS_NAME_FLAG_DO_NOT_QUEUE; - bus_proxy = dbus_g_proxy_new_for_name (session, - "org.freedesktop.DBus", - "/org/freedesktop/DBus", - "org.freedesktop.DBus"); - - dbus_g_object_type_install_info(KA_TYPE_APPLET, - &dbus_glib_krb5_auth_dialog_object_info); - - if (!dbus_g_proxy_call (bus_proxy, - "RequestName", - &error, - G_TYPE_STRING, - "org.gnome.KrbAuthDialog", - G_TYPE_UINT, - flags, - G_TYPE_INVALID, - G_TYPE_UINT, - &request_name_reply, - G_TYPE_INVALID)) { - g_warning ("Failed to invoke RequestName: %s", - error->message); - } - g_clear_error (&error); - g_object_unref (bus_proxy); - - if (request_name_reply == DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER - || request_name_reply == DBUS_REQUEST_NAME_REPLY_ALREADY_OWNER) - ; - else if (request_name_reply == DBUS_REQUEST_NAME_REPLY_EXISTS - || request_name_reply == DBUS_REQUEST_NAME_REPLY_IN_QUEUE) { - *status = 0; - return FALSE; - } else { - g_assert_not_reached(); - } - return TRUE; -} - diff --git a/src/krb5-auth-dbus.h b/src/krb5-auth-dbus.h deleted file mode 100644 index 0d3acd0..0000000 --- a/src/krb5-auth-dbus.h +++ /dev/null @@ -1,37 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2008 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ - -#ifndef KRB5_AUTH_DBUS_H -#define KRB5_AUTH_DBUS_H - -#include -#include -#include -#include "krb5-auth-applet.h" - -gboolean ka_dbus_connect(unsigned int* status); -gboolean ka_dbus_service(KaApplet* applet); -gboolean ka_dbus_acquire_tgt (KaApplet *applet, - const gchar *principal, - DBusGMethodInvocation *context); -gboolean ka_dbus_destroy_ccache(KaApplet* applet, - DBusGMethodInvocation *context); - -#endif /* KRB5_AUTH_DBUS_H */ diff --git a/src/krb5-auth-dialog.c b/src/krb5-auth-dialog.c deleted file mode 100644 index 7b2933b..0000000 --- a/src/krb5-auth-dialog.c +++ /dev/null @@ -1,1171 +0,0 @@ -/* - * Copyright (C) 2004,2005,2006 Red Hat, Inc. - * Authored by Christopher Aillon - * - * Copyright (C) 2008,2009,2010 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ - -#include "config.h" - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include "gtksecentry.h" -#include "secmem-util.h" -#include "memory.h" - -#include "krb5-auth-dialog.h" -#include "krb5-auth-applet.h" -#include "krb5-auth-pwdialog.h" -#include "krb5-auth-dbus.h" -#include "krb5-auth-tools.h" -#include "krb5-auth-tickets.h" - -#ifdef ENABLE_NETWORK_MANAGER -#include -#endif - -#ifdef HAVE_HX509_ERR_H -# include -#endif - -static krb5_context kcontext; -static krb5_principal kprincipal; -static krb5_timestamp creds_expiry; -static krb5_timestamp canceled_creds_expiry; -static gboolean canceled; -static gboolean invalid_auth; -static gboolean always_run; -static gboolean is_online = TRUE; - -static int grab_credentials (KaApplet* applet); -static int ka_renew_credentials (KaApplet* applet); -static gboolean ka_get_tgt_from_ccache (krb5_context context, krb5_creds *creds); - -#ifdef ENABLE_NETWORK_MANAGER -libnm_glib_ctx *nm_context; -#endif - -/* YAY for different Kerberos implementations */ -static int -get_cred_forwardable(krb5_creds *creds) -{ -#if defined(HAVE_KRB5_CREDS_TICKET_FLAGS) && defined(TKT_FLG_FORWARDABLE) - return creds->ticket_flags & TKT_FLG_FORWARDABLE; -#elif defined(HAVE_KRB5_CREDS_FLAGS_B_FORWARDABLE) - return creds->flags.b.forwardable; -#elif defined(HAVE_KRB5_CREDS_FLAGS) && defined(KDC_OPT_FORWARDABLE) - return creds->flags & KDC_OPT_FORWARDABLE; -#endif -} - -static int -get_cred_renewable(krb5_creds *creds) -{ -#if defined(HAVE_KRB5_CREDS_TICKET_FLAGS) && defined(TKT_FLG_RENEWABLE) - return creds->ticket_flags & TKT_FLG_RENEWABLE; -#elif defined(HAVE_KRB5_CREDS_FLAGS_B_RENEWABLE) - return creds->flags.b.renewable; -#elif defined(HAVE_KRB5_CREDS_FLAGS) && defined(KDC_OPT_RENEWABLE) - return creds->flags & KDC_OPT_RENEWABLE; -#endif -} - -static krb5_error_code -get_renewed_creds(krb5_context context, - krb5_creds *creds, - krb5_principal client, - krb5_ccache ccache, - char *in_tkt_service) -{ -#ifdef HAVE_KRB5_GET_RENEWED_CREDS - return krb5_get_renewed_creds (context, creds, client, ccache, in_tkt_service); -#else - return 1; /* XXX is there something better to return? */ -#endif -} - -static int -get_cred_proxiable(krb5_creds *creds) -{ -#if defined(HAVE_KRB5_CREDS_TICKET_FLAGS) && defined(TKT_FLG_PROXIABLE) - return creds->ticket_flags & TKT_FLG_PROXIABLE; -#elif defined(HAVE_KRB5_CREDS_FLAGS_B_PROXIABLE) - return creds->flags.b.proxiable; -#elif defined(HAVE_KRB5_CREDS_FLAGS) && defined(KDC_OPT_PROXIABLE) - return creds->flags & KDC_OPT_PROXIABLE; -#endif -} - -static size_t -get_principal_realm_length(krb5_principal p) -{ -#if defined(HAVE_KRB5_PRINCIPAL_REALM_AS_STRING) - return strlen(p->realm); -#elif defined(HAVE_KRB5_PRINCIPAL_REALM_AS_DATA) - return p->realm.length; -#endif -} - -static const char * -get_principal_realm_data(krb5_principal p) -{ -#if defined(HAVE_KRB5_PRINCIPAL_REALM_AS_STRING) - return p->realm; -#elif defined(HAVE_KRB5_PRINCIPAL_REALM_AS_DATA) - return p->realm.data; -#endif -} - -static void -ka_krb5_free_error_message(krb5_context context, const char* msg) -{ -#if defined(HAVE_KRB5_FREE_ERROR_MESSAGE) - krb5_free_error_message(context, msg); -#elif defined(HAVE_KRB5_FREE_ERROR_STRING) - krb5_free_error_string(context, (char *) msg); -#else -# error No way to free error string. -#endif -} - -/* - * Returns a descriptive error message or kerberos related error - * returned pointer must be freed using g_free(). - */ -static char* -ka_get_error_message(krb5_context context, krb5_error_code err) -{ - char *msg = NULL; -#if defined(HAVE_KRB5_GET_ERROR_MESSAGE) - const char *krberr; - - krberr = krb5_get_error_message(context, err); - msg = g_strdup(krberr); - ka_krb5_free_error_message(context, krberr); -#else -# error No detailed error message information -#endif - if (msg == NULL) - msg = g_strdup(_("unknown error")); - return msg; -} - - -static void -ka_krb5_cc_clear_mcred(krb5_creds* mcred) -{ -#if defined HAVE_KRB5_CC_CLEAR_MCRED - krb5_cc_clear_mcred(mcred); -#else - memset(mcred, 0, sizeof(krb5_creds)); -#endif -} - - -/* ***************************************************************** */ -/* ***************************************************************** */ - -/* log a kerberos error messge */ -static void -ka_log_error_message(const char* prefix, krb5_context context, krb5_error_code err) -{ - char *errmsg = ka_get_error_message(context, err); - - g_warning("%s: %s", prefix, errmsg); - g_free (errmsg); -} - - -static gboolean -credentials_expiring_real (KaApplet* applet) -{ - krb5_creds my_creds; - krb5_timestamp now; - gboolean retval = FALSE; - - ka_applet_set_tgt_renewable(applet, FALSE); - if (!ka_get_tgt_from_ccache (kcontext, &my_creds)) { - creds_expiry = 0; - retval = TRUE; - goto out; - } - - /* copy principal from cache if any */ - if (krb5_principal_compare (kcontext, my_creds.client, kprincipal)) { - krb5_free_principal(kcontext, kprincipal); - krb5_copy_principal(kcontext, my_creds.client, &kprincipal); - } - creds_expiry = my_creds.times.endtime; - if ((krb5_timeofday(kcontext, &now) == 0) && - (now + ka_applet_get_pw_prompt_secs(applet) > my_creds.times.endtime)) - retval = TRUE; - - /* If our creds are expiring, determine whether they are renewable */ - if (retval && get_cred_renewable(&my_creds) && my_creds.times.renew_till > now) { - ka_applet_set_tgt_renewable(applet, TRUE); - } - - krb5_free_cred_contents (kcontext, &my_creds); -out: - ka_applet_update_status(applet, creds_expiry); - return retval; -} - - -/* time in seconds the tgt will be still valid */ -int -ka_tgt_valid_seconds() -{ - krb5_timestamp now; - - if (krb5_timeofday(kcontext, &now)) - return 0; - - return (creds_expiry - now); -} - - -/* return credential cache filename, strip "FILE:" prefix if necessary */ -static const char* -ka_ccache_filename (void) -{ - const gchar *name; - - name = krb5_cc_default_name (kcontext); - if (g_str_has_prefix (name, "FILE:")) - return strchr(name,':')+1; - else if (g_str_has_prefix (name, "SCC:")) - g_warning ("Cannot monitor sqlite based cache '%s'", name); - else - g_warning ("Unsupported cache type for '%s'", name); - return NULL; -} - - -static void -ka_format_time (time_t t, gchar *ts, size_t len) -{ - g_strlcpy(ts, ctime(&t)+ 4, len); - ts[15] = 0; -} - - -/* fill in service tickets data */ -gboolean -ka_get_service_tickets (GtkListStore *tickets) -{ - krb5_cc_cursor cursor; - krb5_creds creds; - krb5_error_code ret; - GtkTreeIter iter; - krb5_ccache ccache; - char *name; - krb5_timestamp sec; - gchar start_time[128], end_time[128], end_time_markup[256]; - gboolean retval = FALSE; - - gtk_list_store_clear(tickets); - - krb5_timeofday (kcontext, &sec); - ret = krb5_cc_default (kcontext, &ccache); - g_return_val_if_fail (!ret, FALSE); - - ret = krb5_cc_start_seq_get (kcontext, ccache, &cursor); - if (ret) { - ka_log_error_message("krb5_cc_start_seq_get", kcontext, ret); - - /* if the file doesn't exist, it's not an error if we can't - * parse it */ - if (!g_file_test(ka_ccache_filename (), - G_FILE_TEST_EXISTS)) - retval = TRUE; - goto out; - } - - while ((ret = krb5_cc_next_cred (kcontext, - ccache, - &cursor, - &creds)) == 0) { - gboolean renewable, proxiable, forwardable; - - if (creds.times.starttime) - ka_format_time(creds.times.starttime, start_time, - sizeof(start_time)); - else - ka_format_time(creds.times.authtime, start_time, - sizeof(start_time)); - - ka_format_time(creds.times.endtime, end_time, - sizeof(end_time)); - if (creds.times.endtime > sec) - strcpy(end_time_markup, end_time); - else - g_snprintf(end_time_markup, sizeof(end_time_markup), - "%s (%s)", - end_time, _("Expired")); - - forwardable = get_cred_forwardable(&creds); - renewable = get_cred_renewable(&creds); - proxiable = get_cred_proxiable(&creds); - - ret = krb5_unparse_name (kcontext, creds.server, &name); - if (!ret) { - gtk_list_store_append(tickets, &iter); - gtk_list_store_set(tickets, &iter, - PRINCIPAL_COLUMN, name, - START_TIME_COLUMN, start_time, - END_TIME_COLUMN, end_time_markup, - FORWARDABLE_COLUMN, forwardable, - RENEWABLE_COLUMN, renewable, - PROXIABLE_COLUMN, proxiable, - -1); - free(name); - } else - ka_log_error_message("krb5_unparse_name", kcontext, ret); - krb5_free_cred_contents (kcontext, &creds); - } - if(ret != KRB5_CC_END) - ka_log_error_message("krb5_cc_get_next", kcontext, ret); - - ret = krb5_cc_end_seq_get (kcontext, ccache, &cursor); - if (ret) - ka_log_error_message("krb5_cc_end_seq_get", kcontext, ret); - - retval = TRUE; -out: - ret = krb5_cc_close (kcontext, ccache); - g_return_val_if_fail (!ret, FALSE); - - return retval; -} - - -/* Check for things we have to do while the password dialog is open */ -static gboolean -krb5_auth_dialog_do_updates (gpointer data) -{ - KaApplet* applet = KA_APPLET(data); - KaPwDialog* pwdialog = ka_applet_get_pwdialog(applet); - - g_return_val_if_fail (pwdialog != NULL, FALSE); - /* Update creds_expiry and close the applet if we got the creds by other means (e.g. kinit) */ - if (!credentials_expiring_real(applet)) - ka_pwdialog_hide(pwdialog, FALSE); - - /* Update the expiry information in the dialog */ - ka_pwdialog_status_update (pwdialog); - return TRUE; -} - - -static krb5_error_code -auth_dialog_prompter (krb5_context ctx G_GNUC_UNUSED, - void *data, - const char *name G_GNUC_UNUSED, - const char *banner G_GNUC_UNUSED, - int num_prompts, - krb5_prompt prompts[]) -{ - KaApplet *applet = KA_APPLET(data); - KaPwDialog *pwdialog = ka_applet_get_pwdialog(applet); - krb5_error_code errcode; - int i; - - errcode = KRB5KRB_ERR_GENERIC; - canceled = FALSE; - canceled_creds_expiry = 0; - - for (i = 0; i < num_prompts; i++) { - const gchar *password = NULL; - int password_len = 0; - int response; - guint32 source_id; - - errcode = KRB5_LIBOS_CANTREADPWD; - - source_id = g_timeout_add_seconds (5, (GSourceFunc)krb5_auth_dialog_do_updates, applet); - ka_pwdialog_setup (pwdialog, (gchar *) prompts[i].prompt, invalid_auth); - response = ka_pwdialog_run (pwdialog); - switch (response) - { - case GTK_RESPONSE_OK: - password = ka_pwdialog_get_password(pwdialog); - password_len = strlen (password); - break; - case GTK_RESPONSE_DELETE_EVENT: - case GTK_RESPONSE_CANCEL: - canceled = TRUE; - break; - case GTK_RESPONSE_NONE: - break; - default: - g_warning ("Unknown Response: %d", response); - g_assert_not_reached (); - } - g_source_remove (source_id); - - if (!password) - goto cleanup; - if (password_len+1 > prompts[i].reply->length) { - g_warning("Password too long %d/%d", password_len+1, prompts[i].reply->length); - goto cleanup; - } - - memcpy(prompts[i].reply->data, (char *) password, password_len + 1); - prompts[i].reply->length = password_len; - errcode = 0; - } -cleanup: - ka_pwdialog_hide (pwdialog, TRUE); - /* Reset this, so we know the next time we get a TRUE value, it is accurate. */ - invalid_auth = FALSE; - - return errcode; -} - - -#ifdef ENABLE_NETWORK_MANAGER -static void -network_state_cb (libnm_glib_ctx *context, - gpointer data) -{ - gboolean *online = (gboolean*) data; - - libnm_glib_state state; - - state = libnm_glib_get_network_state (context); - - switch (state) - { - case LIBNM_NO_DBUS: - case LIBNM_NO_NETWORKMANAGER: - case LIBNM_INVALID_CONTEXT: - /* do nothing */ - break; - case LIBNM_NO_NETWORK_CONNECTION: - *online = FALSE; - break; - case LIBNM_ACTIVE_NETWORK_CONNECTION: - *online = TRUE; - break; - } -} -#endif - -/* credentials expiring timer */ -static gboolean -credentials_expiring (gpointer *data) -{ - int retval; - gboolean give_up; - KaApplet* applet = KA_APPLET(data); - - KA_DEBUG("Checking expiry <%ds", ka_applet_get_pw_prompt_secs(applet)); - if (credentials_expiring_real (applet) && is_online) { - KA_DEBUG("Expiry @ %ld", creds_expiry); - - if (!ka_renew_credentials (applet)) { - KA_DEBUG("Credentials renewed"); - goto out; - } - - /* no popup when using a trayicon */ - if (ka_applet_get_show_trayicon(applet)) - goto out; - - give_up = canceled && (creds_expiry == canceled_creds_expiry); - if (!give_up) { - do { - retval = grab_credentials (applet); - give_up = canceled && - (creds_expiry == canceled_creds_expiry); - } while ((retval != 0) && - (retval != KRB5_REALM_CANT_RESOLVE) && - (retval != KRB5_KDC_UNREACH) && - invalid_auth && - !give_up); - } - } -out: - ka_applet_update_status(applet, creds_expiry); - return TRUE; -} - - -/* - * set ticket options by looking at krb5.conf and gconf - */ -static void -ka_set_ticket_options(KaApplet* applet, krb5_context context, - krb5_get_init_creds_opt *out, - const char* pk_userid G_GNUC_UNUSED, - const char* pk_anchors G_GNUC_UNUSED) -{ - gboolean flag; -#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_DEFAULT_FLAGS - krb5_get_init_creds_opt_set_default_flags(context, PACKAGE, - krb5_principal_get_realm(context, kprincipal), out); -#endif - g_object_get(applet, "tgt-forwardable", &flag, NULL); - if (flag) - krb5_get_init_creds_opt_set_forwardable(out, flag); - g_object_get(applet, "tgt-proxiable", &flag, NULL); - if (flag) - krb5_get_init_creds_opt_set_proxiable(out, flag); - g_object_get(applet, "tgt-renewable", &flag, NULL); - if (flag) { - krb5_deltat r = 3600*24*30; /* 1 month */ - krb5_get_init_creds_opt_set_renew_life (out, r); - } - -#if ENABLE_PKINIT && HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PA - /* pkinit optins for MIT Kerberos */ - if (pk_userid && strlen(pk_userid)) { - KA_DEBUG("pkinit with '%s'", pk_userid); - krb5_get_init_creds_opt_set_pa(context, out, - "X509_user_identity", pk_userid); - if (pk_anchors && strlen(pk_anchors)) { - KA_DEBUG("pkinit anchors '%s'", pk_anchors); - krb5_get_init_creds_opt_set_pa(context, out, - "X509_anchors", pk_anchors); - } - } -#endif /* HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PA */ -} - - -/* - * set ticket options - * by looking at krb5.conf, the passed in creds and gconf - */ -static void -set_options_from_creds(const KaApplet* applet, - krb5_context context, - krb5_creds *in, - krb5_get_init_creds_opt *out) -{ - krb5_deltat renew_lifetime; - int flag; - -#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_DEFAULT_FLAGS - krb5_get_init_creds_opt_set_default_flags(context, PACKAGE, - krb5_principal_get_realm(context, kprincipal), out); -#endif - - flag = get_cred_forwardable(in) != 0; - krb5_get_init_creds_opt_set_forwardable(out, flag); - flag = get_cred_proxiable(in) != 0; - krb5_get_init_creds_opt_set_proxiable(out, flag); - flag = get_cred_renewable(in) != 0; - if (flag && (in->times.renew_till > in->times.starttime)) { - renew_lifetime = in->times.renew_till - - in->times.starttime; - krb5_get_init_creds_opt_set_renew_life(out, - renew_lifetime); - } - if (in->times.endtime > - in->times.starttime + ka_applet_get_pw_prompt_secs(applet)) { - krb5_get_init_creds_opt_set_tkt_life(out, - in->times.endtime - - in->times.starttime); - } - /* This doesn't do a deep copy -- fix it later. */ - /* krb5_get_init_creds_opt_set_address_list(out, creds->addresses); */ -} - - -#if ENABLE_PKINIT && HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PKINIT -static krb5_error_code -ka_auth_heimdal_pkinit(KaApplet* applet, krb5_creds* creds, - const char* pk_userid, const char* pk_anchors) -{ - krb5_get_init_creds_opt *opts = NULL; - krb5_error_code retval; - const char* pkinit_anchors = NULL; - - KA_DEBUG("pkinit with '%s'", pk_userid); - if (pk_anchors && strlen (pk_anchors)) { - pkinit_anchors = pk_anchors; - KA_DEBUG("pkinit anchors '%s'", pkinit_anchors); - } - - if ((retval = krb5_get_init_creds_opt_alloc (kcontext, &opts))) - goto out; - - ka_set_ticket_options (applet, kcontext, opts, NULL, NULL); - retval = krb5_get_init_creds_opt_set_pkinit(kcontext, opts, - kprincipal, - pk_userid, - pkinit_anchors, - NULL, - NULL, - 0, /* pk_use_enc_key */ - auth_dialog_prompter, - applet, /* data */ - NULL); /* passwd */ - KA_DEBUG("pkinit returned with %d", retval); - if (retval) - goto out; - - retval = krb5_get_init_creds_password(kcontext, creds, kprincipal, - NULL, auth_dialog_prompter, applet, - 0, NULL, opts); -out: - if (opts) - krb5_get_init_creds_opt_free(kcontext, opts); - return retval; -} -#endif /* ! ENABLE_PKINIT */ - -static krb5_error_code -ka_auth_password(KaApplet* applet, krb5_creds* creds, - const char* pk_userid, const char* pk_anchors) -{ - krb5_error_code retval; - krb5_get_init_creds_opt *opts = NULL; - - if ((retval = krb5_get_init_creds_opt_alloc (kcontext, &opts))) - goto out; - ka_set_ticket_options (applet, kcontext, opts, - pk_userid, pk_anchors); - - retval = krb5_get_init_creds_password(kcontext, creds, kprincipal, - NULL, auth_dialog_prompter, applet, - 0, NULL, opts); -out: - if (opts) - krb5_get_init_creds_opt_free(kcontext, opts); - return retval; -} - -static krb5_error_code -ka_parse_name(KaApplet* applet, krb5_context krbcontext, krb5_principal* kprinc) -{ - krb5_error_code ret; - gchar *principal = NULL; - - if (*kprinc != NULL) - krb5_free_principal(krbcontext, *kprinc); - - g_object_get(applet, "principal", &principal, NULL); - ret = krb5_parse_name(krbcontext, principal, kprinc); - - g_free(principal); - return ret; -} - - -/* - * return current principal in text form - * - * caller needs to free the returned result using g_free(); - */ -char* -ka_unparse_name () -{ - char *princ, *gprinc = NULL; - krb5_error_code err; - - if (!kprincipal) - goto out; - - if ((err = krb5_unparse_name (kcontext, kprincipal, &princ))) { - ka_log_error_message(__func__, kcontext, err); - goto out; - } - - gprinc = g_strdup (princ); - free (princ); -out: - return gprinc; -} - - -static void -ccache_changed_cb (GFileMonitor *monitor G_GNUC_UNUSED, - GFile *file, - GFile *other_file G_GNUC_UNUSED, - GFileMonitorEvent event_type, - gpointer data) -{ - KaApplet *applet = KA_APPLET(data); - gchar *ccache_name = g_file_get_path(file); - - switch (event_type) { - case G_FILE_MONITOR_EVENT_DELETED: - case G_FILE_MONITOR_EVENT_CREATED: - case G_FILE_MONITOR_EVENT_CHANGED: - KA_DEBUG ("%s changed", ccache_name); - credentials_expiring ((gpointer)applet); - break; - default: - KA_DEBUG ("%s unhandled event: %d", ccache_name, event_type); - } - g_free (ccache_name); -} - - -static gboolean -monitor_ccache(KaApplet *applet) -{ - const gchar *ccache_name; - GFile *ccache; - GFileMonitor *monitor; - GError *err = NULL; - gboolean ret = FALSE; - - ccache_name = ka_ccache_filename (); - g_return_val_if_fail (ccache_name != NULL, FALSE); - - ccache = g_file_new_for_path (ccache_name); - monitor = g_file_monitor_file (ccache, G_FILE_MONITOR_NONE, NULL, &err); - g_assert ((!monitor && err) || (monitor && !err)); - if (!monitor) { - /* cache disappeared? */ - if (err->code == G_FILE_ERROR_NOENT) - credentials_expiring ((gpointer)applet); - else - g_warning ("Failed to monitor %s: %s", ccache_name, err->message); - goto out; - } else { - /* g_file_monitor_set_rate_limit(monitor, 10*1000); */ - g_signal_connect (monitor, "changed", G_CALLBACK (ccache_changed_cb), applet); - KA_DEBUG ("Monitoring %s", ccache_name); - ret = TRUE; - } -out: - g_object_unref (ccache); - if (err) - g_error_free (err); - return ret; -} - - -/* grab credentials interactively */ -static int -grab_credentials (KaApplet* applet) -{ - krb5_error_code retval = KRB5_KDC_UNREACH; - krb5_creds my_creds; - krb5_ccache ccache; - gchar *pk_userid = NULL; - gchar *pk_anchors = NULL; - gchar *errmsg = NULL; - gboolean pw_auth = TRUE; - - memset(&my_creds, 0, sizeof(my_creds)); - - retval = ka_parse_name(applet, kcontext, &kprincipal); - if (retval) - goto out2; - - retval = krb5_cc_default (kcontext, &ccache); - if (retval) - goto out2; - - g_object_get(applet, "pk-userid", &pk_userid, - "pk-anchors", &pk_anchors, - NULL); -#if ENABLE_PKINIT && HAVE_HX509_ERR_H && HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PKINIT - /* pk_userid set: try pkinit */ - if (pk_userid && strlen(pk_userid)) { - retval = ka_auth_heimdal_pkinit(applet, &my_creds, - pk_userid, pk_anchors); - /* other error than: "no token found" - no need to try password auth: */ - if (retval != HX509_PKCS11_NO_TOKEN && retval != HX509_PKCS11_NO_SLOT) - pw_auth = FALSE; - } -#endif /* ENABLE_PKINIT */ - if (pw_auth) - retval = ka_auth_password(applet, &my_creds, - pk_userid, pk_anchors); - - creds_expiry = my_creds.times.endtime; - if (canceled) - canceled_creds_expiry = creds_expiry; - if (retval) { - switch (retval) { - case KRB5KDC_ERR_PREAUTH_FAILED: - case KRB5KRB_AP_ERR_BAD_INTEGRITY: -#ifdef HAVE_HX509_ERR_H - case HX509_PKCS11_LOGIN: -#endif /* Invalid password/pin, try again. */ - invalid_auth = TRUE; - break; - default: - errmsg = ka_get_error_message(kcontext, retval); - KA_DEBUG("Auth failed with %d: %s", retval, - errmsg); - g_free(errmsg); - break; - } - goto out; - } - retval = krb5_cc_initialize(kcontext, ccache, kprincipal); - if (retval) - goto out; - - retval = krb5_cc_store_cred(kcontext, ccache, &my_creds); - if (retval) - goto out; -out: - krb5_free_cred_contents (kcontext, &my_creds); - krb5_cc_close (kcontext, ccache); -out2: - g_free(pk_userid); - return retval; -} - -/* try to renew the credentials noninteractively */ -static int -ka_renew_credentials (KaApplet* applet) -{ - krb5_error_code retval; - krb5_creds my_creds; - krb5_ccache ccache; - krb5_get_init_creds_opt opts; - - if (kprincipal == NULL) { - retval = ka_parse_name(applet, kcontext, &kprincipal); - if (retval) - return retval; - } - - retval = krb5_cc_default (kcontext, &ccache); - if (retval) - return retval; - - retval = ka_get_tgt_from_ccache (kcontext, &my_creds); - if (!retval) { - krb5_cc_close (kcontext, ccache); - return -1; - } - - krb5_get_init_creds_opt_init (&opts); - set_options_from_creds (applet, kcontext, &my_creds, &opts); - - if (ka_applet_get_tgt_renewable(applet)) { - - retval = get_renewed_creds (kcontext, &my_creds, kprincipal, ccache, NULL); - if (retval) - goto out; - - retval = krb5_cc_initialize(kcontext, ccache, kprincipal); - if(retval) { - ka_log_error_message("krb5_cc_initialize", kcontext, retval); - goto out; - } - retval = krb5_cc_store_cred(kcontext, ccache, &my_creds); - if (retval) { - ka_log_error_message("krb5_cc_store_cred", kcontext, retval); - goto out; - } - ka_applet_signal_emit (applet, KA_SIGNAL_RENEWED_TGT, - my_creds.times.endtime); - } -out: - creds_expiry = my_creds.times.endtime; - krb5_free_cred_contents (kcontext, &my_creds); - krb5_cc_close (kcontext, ccache); - return retval; -} - - -/* get principal associated with the default credentials cache - if found store - * it in *creds, return FALSE otwerwise */ -static gboolean -ka_get_tgt_from_ccache (krb5_context context, krb5_creds *creds) -{ - krb5_ccache ccache; - krb5_creds pattern; - krb5_principal principal; - gboolean ret = FALSE; - - ka_krb5_cc_clear_mcred(&pattern); - - if (krb5_cc_default(context, &ccache)) - return FALSE; - - if (krb5_cc_get_principal(context, ccache, &principal)) - goto out; - - if (krb5_build_principal_ext(context, &pattern.server, - get_principal_realm_length(principal), - get_principal_realm_data(principal), - KRB5_TGS_NAME_SIZE, - KRB5_TGS_NAME, - get_principal_realm_length(principal), - get_principal_realm_data(principal), 0)) { - goto out_free_princ; - } - - pattern.client = principal; - if (!krb5_cc_retrieve_cred(context, ccache, 0, &pattern, creds)) - ret = TRUE; - krb5_free_principal(context, pattern.server); - -out_free_princ: - krb5_free_principal(context, principal); -out: - krb5_cc_close(context, ccache); - return ret; -} - -static gboolean -using_krb5(void) -{ - krb5_error_code err; - gboolean have_tgt = FALSE; - krb5_creds creds; - - err = krb5_init_context(&kcontext); - if (err) - return FALSE; - - have_tgt = ka_get_tgt_from_ccache(kcontext, &creds); - if (have_tgt) { - krb5_copy_principal(kcontext, creds.client, &kprincipal); - krb5_free_cred_contents (kcontext, &creds); - } - return have_tgt; -} - - -gboolean -ka_destroy_ccache (KaApplet *applet) -{ - krb5_ccache ccache; - const char* cache; - krb5_error_code ret; - - cache = krb5_cc_default_name(kcontext); - ret = krb5_cc_resolve(kcontext, cache, &ccache); - ret = krb5_cc_destroy (kcontext, ccache); - - credentials_expiring_real(applet); - - if (ret) - return FALSE; - else - return TRUE; -} - - -/* - * check if we have valid credentials for the requested principal - if not, grab them - * principal: requested principal - if empty use default - */ -gboolean -ka_check_credentials (KaApplet *applet, const char* newprincipal) -{ - gboolean success = FALSE; - int retval; - char* principal; - - g_object_get(applet, "principal", &principal, NULL); - - if (strlen(newprincipal)) { - krb5_principal knewprinc; - - /* no ticket cache: is requested princ the one from our config? */ - if (!kprincipal && g_strcmp0(principal, newprincipal)) { - KA_DEBUG("Requested principal %s not %s", principal, newprincipal); - goto out; - } - - /* ticket cache: check if the requested principal is the one we have */ - retval = krb5_parse_name(kcontext, newprincipal, &knewprinc); - if (retval) { - g_warning ("Cannot parse principal '%s'", newprincipal); - goto out; - } - if (kprincipal && !krb5_principal_compare (kcontext, kprincipal, knewprinc)) { - KA_DEBUG("Current Principal '%s' not '%s'", principal, newprincipal); - krb5_free_principal(kcontext, knewprinc); - goto out; - } - krb5_free_principal(kcontext, knewprinc); - } - - if (credentials_expiring_real (applet)) { - if (!is_online) - success = FALSE; - else - success = ka_grab_credentials (applet); - } else - success = TRUE; -out: - g_free (principal); - return success; -} - - -/* initiate grabbing of credentials (e.g. on leftclick of tray icon) */ -gboolean -ka_grab_credentials (KaApplet* applet) -{ - int retval; - int success = FALSE; - KaPwDialog *pwdialog = ka_applet_get_pwdialog(applet); - - ka_pwdialog_set_persist(pwdialog, TRUE); - do { - retval = grab_credentials (applet); - if (invalid_auth) - continue; - if (canceled) - break; - if (retval) { - gchar *errmsg; - - errmsg = ka_get_error_message(kcontext, retval); - ka_pwdialog_error(pwdialog, errmsg); - g_free (errmsg); - break; - } else { - success = TRUE; - break; - } - } while(TRUE); - - ka_pwdialog_set_persist(pwdialog, FALSE); - credentials_expiring_real(applet); - - return success; -} - - -static void -ka_secmem_init (void) -{ - /* Initialize secure memory. 1 is too small, so the default size - will be used. */ - secmem_init (1); - secmem_set_flags (SECMEM_WARN); - drop_privs (); - - if (atexit (secmem_term)) - g_error("Couln't register atexit handler"); -} - - -static void -ka_nm_shutdown(void) -{ -#ifdef ENABLE_NETWORK_MANAGER - if (nm_context) { - libnm_glib_shutdown (nm_context); - nm_context = NULL; - } -#endif -} - - -static gboolean -ka_nm_init(void) -{ -#ifdef ENABLE_NETWORK_MANAGER - guint32 nm_callback_id; - - nm_context = libnm_glib_init (); - if (!nm_context) { - g_warning ("Could not initialize libnm_glib"); - } else { - nm_callback_id = libnm_glib_register_callback (nm_context, network_state_cb, &is_online, NULL); - if (nm_callback_id == 0) { - ka_nm_shutdown (); - - g_warning ("Could not connect to NetworkManager, connection status will not be managed!"); - } - } -#endif /* ENABLE_NETWORK_MANAGER */ - return TRUE; -} - - -int -main (int argc, char *argv[]) -{ - KaApplet *applet; - GOptionContext *context; - GError *error = NULL; - - guint status = 0; - gboolean run_auto = FALSE, run_always = FALSE; - - const char *help_msg = "Run '" PACKAGE " --help' to see a full list of available command line options"; - const GOptionEntry options [] = { - {"auto", 'a', 0, G_OPTION_ARG_NONE, &run_auto, - "Only run if an initialized ccache is found (default)", NULL}, - {"always", 'A', 0, G_OPTION_ARG_NONE, &run_always, - "Always run", NULL}, - { NULL, 0, 0, G_OPTION_ARG_NONE, NULL, NULL, NULL } - }; - - context = g_option_context_new ("- Kerberos 5 credential checking"); - g_option_context_add_main_entries (context, options, NULL); - g_option_context_add_group (context, gtk_get_option_group (TRUE)); - g_option_context_parse (context, &argc, &argv, &error); - - if (error) { - g_print ("%s\n%s\n", - error->message, - help_msg); - g_error_free (error); - return 1; - } - g_option_context_free (context); - - textdomain (PACKAGE); - bind_textdomain_codeset (PACKAGE, "UTF-8"); - bindtextdomain (PACKAGE, LOCALE_DIR); - ka_secmem_init(); - - if (!ka_dbus_connect (&status)) - exit(status); - - if (run_always && !run_auto) { - always_run = TRUE; - } - - if (using_krb5 () || always_run) { - g_set_application_name (KA_NAME); - - applet = ka_applet_create (); - if (!applet) - return 1; - ka_nm_init(); - - if (credentials_expiring ((gpointer)applet)) { - g_timeout_add_seconds (CREDENTIAL_CHECK_INTERVAL, (GSourceFunc)credentials_expiring, applet); - monitor_ccache (applet); - } - ka_dbus_service(applet); - gtk_main (); - } - ka_nm_shutdown(); - return 0; -} diff --git a/src/krb5-auth-dialog.h b/src/krb5-auth-dialog.h deleted file mode 100644 index 48cd0b0..0000000 --- a/src/krb5-auth-dialog.h +++ /dev/null @@ -1,33 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2008 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ - -#ifndef KRB5_AUTH_DIALOG -#define KRB5_AUTH_DIALOG - -#include "krb5-auth-applet.h" - -gboolean ka_destroy_ccache (KaApplet* applet); -gboolean ka_grab_credentials(KaApplet* applet); -gboolean ka_check_credentials (KaApplet *applet, const char* principal); -gboolean ka_get_service_tickets(GtkListStore *tickets); -char* ka_unparse_name(void); -int ka_tgt_valid_seconds(void); -#endif - diff --git a/src/krb5-auth-dialog.schemas.in b/src/krb5-auth-dialog.schemas.in index f8c7348..bb59f8e 100644 --- a/src/krb5-auth-dialog.schemas.in +++ b/src/krb5-auth-dialog.schemas.in @@ -142,5 +142,18 @@ Notify user when ticket has expired + + + /schemas/apps/krb5-auth-dialog/plugins/enabled + /apps/krb5-auth-dialog/plugins/enabled + krb5-auth-dialog + list + string + + + Enabled plugins + List of plugins that should be loaded and activated on startup. + + diff --git a/src/krb5-auth-gconf-tools.c b/src/krb5-auth-gconf-tools.c deleted file mode 100644 index 01f4d39..0000000 --- a/src/krb5-auth-gconf-tools.c +++ /dev/null @@ -1,126 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2008,2009 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ -#include "config.h" - -#include -#include - -gboolean -ka_gconf_get_string (GConfClient* client, - const char* key, - char** value) -{ - GError* error = NULL; - gboolean success = FALSE; - GConfValue* gc_value; - - g_return_val_if_fail (client != NULL, FALSE); - g_return_val_if_fail (key != NULL, FALSE); - g_return_val_if_fail (*value == NULL, FALSE); - - if ((gc_value = gconf_client_get (client, key, &error))) { - if (gc_value->type == GCONF_VALUE_STRING) { - *value = g_strdup (gconf_value_get_string (gc_value)); - success = TRUE; - } else if (error) { - g_print ("%s", error->message); - g_error_free (error); - } - gconf_value_free (gc_value); - } - return success; -} - - -gboolean -ka_gconf_get_int (GConfClient* client, - const char* key, - int* value) -{ - GError* error = NULL; - gboolean success = FALSE; - GConfValue* gc_value; - - g_return_val_if_fail (client != NULL, FALSE); - g_return_val_if_fail (key != NULL, FALSE); - g_return_val_if_fail (value != NULL, FALSE); - - if ((gc_value = gconf_client_get (client, key, &error))) - { - if (gc_value->type == GCONF_VALUE_INT) { - *value = gconf_value_get_int (gc_value); - success = TRUE; - } else if (error) { - g_print ("%s", error->message); - g_error_free (error); - } - gconf_value_free (gc_value); - } - return success; -} - - -gboolean -ka_gconf_get_bool (GConfClient* client, - const char* key, - gboolean* value) -{ - GError* error = NULL; - gboolean success = FALSE; - GConfValue* gc_value; - - g_return_val_if_fail (client != NULL, FALSE); - g_return_val_if_fail (key != NULL, FALSE); - g_return_val_if_fail (value != NULL, FALSE); - - if ((gc_value = gconf_client_get (client, key, &error))) { - if (gc_value->type == GCONF_VALUE_BOOL) { - *value = gconf_value_get_bool (gc_value); - success = TRUE; - } else if (error) { - g_print ("%s", error->message); - g_error_free (error); - } - gconf_value_free (gc_value); - } - return success; -} - - -gboolean -ka_gconf_set_bool (GConfClient* client, - const char* key, - gboolean value) -{ - GError* error = NULL; - - g_return_val_if_fail (client != NULL, FALSE); - g_return_val_if_fail (key != NULL, FALSE); - - if(!gconf_client_set_bool (client, key, value, &error)) { - if (error) { - g_print ("%s", error->message); - g_error_free (error); - } - return FALSE; - } - return TRUE; -} - diff --git a/src/krb5-auth-gconf-tools.h b/src/krb5-auth-gconf-tools.h deleted file mode 100644 index 6d9f124..0000000 --- a/src/krb5-auth-gconf-tools.h +++ /dev/null @@ -1,46 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2008,2009 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ - -#ifndef KRB5_AUTH_GCONF_TOOLS_H -#define KRB5_AUTH_GCONF_TOOLS_H - -#include "config.h" - -#include - -#define KA_GCONF_PATH "/apps/" PACKAGE -#define KA_GCONF_KEY_PRINCIPAL KA_GCONF_PATH "/principal" -#define KA_GCONF_KEY_PK_USERID KA_GCONF_PATH "/pk_userid" -#define KA_GCONF_KEY_PK_ANCHORS KA_GCONF_PATH "/pk_anchors" -#define KA_GCONF_KEY_PROMPT_MINS KA_GCONF_PATH "/prompt_minutes" -#define KA_GCONF_KEY_SHOW_TRAYICON KA_GCONF_PATH "/show_trayicon" -#define KA_GCONF_KEY_FORWARDABLE KA_GCONF_PATH "/forwardable" -#define KA_GCONF_KEY_RENEWABLE KA_GCONF_PATH "/renewable" -#define KA_GCONF_KEY_PROXIABLE KA_GCONF_PATH "/proxiable" -#define KA_GCONF_KEY_NOTIFY_VALID KA_GCONF_PATH "/notify/valid" -#define KA_GCONF_KEY_NOTIFY_EXPIRED KA_GCONF_PATH "/notify/expired" -#define KA_GCONF_KEY_NOTIFY_EXPIRING KA_GCONF_PATH "/notify/expiring" - -gboolean ka_gconf_get_string (GConfClient* client, const char* key, char** value); -gboolean ka_gconf_get_int (GConfClient* client, const char* key, int* value); -gboolean ka_gconf_get_bool (GConfClient* client, const char* key, gboolean* value); -gboolean ka_gconf_set_bool (GConfClient* client, const char* key, gboolean value); - -#endif diff --git a/src/krb5-auth-gconf.c b/src/krb5-auth-gconf.c deleted file mode 100644 index 5b9df35..0000000 --- a/src/krb5-auth-gconf.c +++ /dev/null @@ -1,210 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2008,2009 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ -#include "config.h" - -#include -#include - -#include "krb5-auth-applet.h" -#include "krb5-auth-gconf-tools.h" -#include "krb5-auth-gconf.h" - -static gboolean -ka_gconf_set_principal (GConfClient* client, KaApplet* applet) -{ - gchar* principal = NULL; - - if(!ka_gconf_get_string (client, KA_GCONF_KEY_PRINCIPAL, &principal) - || !strlen(principal)) { - g_free (principal); - principal = g_strdup (g_get_user_name()); - } - g_object_set(applet, "principal", principal, NULL); - g_free (principal); - return TRUE; -} - - -static gboolean -ka_gconf_set_pk_userid (GConfClient* client, KaApplet* applet) -{ - gchar* pk_userid = NULL; - - if(!ka_gconf_get_string (client, KA_GCONF_KEY_PK_USERID, &pk_userid)) { - pk_userid = g_strdup (""); - } - g_object_set(applet, "pk_userid", pk_userid, NULL); - g_free (pk_userid); - return TRUE; -} - - -static gboolean -ka_gconf_set_pk_anchors (GConfClient* client, KaApplet* applet) -{ - gchar* pk_anchors = NULL; - - if(!ka_gconf_get_string (client, KA_GCONF_KEY_PK_ANCHORS, &pk_anchors)) { - pk_anchors = g_strdup (""); - } - g_object_set(applet, "pk_anchors", pk_anchors, NULL); - g_free (pk_anchors); - return TRUE; -} - - -static gboolean -ka_gconf_set_prompt_mins (GConfClient* client, KaApplet* applet) -{ - gint prompt_mins = 0; - - if(!ka_gconf_get_int (client, KA_GCONF_KEY_PROMPT_MINS, &prompt_mins)) { - prompt_mins = MINUTES_BEFORE_PROMPTING; - } - g_object_set(applet, "pw-prompt-mins", prompt_mins, NULL); - return TRUE; -} - - -static gboolean -ka_gconf_set_show_trayicon (GConfClient* client, KaApplet* applet) -{ - gboolean show_trayicon = TRUE; - - if(!ka_gconf_get_bool(client, KA_GCONF_KEY_SHOW_TRAYICON, &show_trayicon)) { - show_trayicon = TRUE; - } - g_object_set(applet, "show-trayicon", show_trayicon, NULL); - return TRUE; -} - - -static gboolean -ka_gconf_set_tgt_forwardable (GConfClient* client, KaApplet* applet) -{ - gboolean forwardable = FALSE; - - if(!ka_gconf_get_bool(client, KA_GCONF_KEY_FORWARDABLE, &forwardable)) { - forwardable = FALSE; - } - g_object_set(applet, "tgt-forwardable", forwardable, NULL); - return TRUE; -} - - -static gboolean -ka_gconf_set_tgt_renewable (GConfClient* client, KaApplet* applet) -{ - gboolean renewable = FALSE; - - if(!ka_gconf_get_bool(client, KA_GCONF_KEY_RENEWABLE, &renewable)) { - renewable = FALSE; - } - g_object_set(applet, "tgt-renewable", renewable, NULL); - return TRUE; -} - - -static gboolean -ka_gconf_set_tgt_proxiable (GConfClient* client, KaApplet* applet) -{ - gboolean proxiable = FALSE; - - if(!ka_gconf_get_bool(client, KA_GCONF_KEY_PROXIABLE, &proxiable)) { - proxiable = FALSE; - } - g_object_set(applet, "tgt-proxiable", proxiable, NULL); - return TRUE; -} - - -static void -ka_gconf_key_changed_callback (GConfClient* client, - guint cnxn_id G_GNUC_UNUSED, - GConfEntry* entry, - gpointer user_data) -{ - const char* key; - - KaApplet* applet = KA_APPLET(user_data); - key = gconf_entry_get_key (entry); - if (!key) - return; - KA_DEBUG("Key %s changed", key); - - if (g_strcmp0 (key, KA_GCONF_KEY_PRINCIPAL) == 0) { - ka_gconf_set_principal (client, applet); - } else if (g_strcmp0 (key, KA_GCONF_KEY_PROMPT_MINS) == 0) { - ka_gconf_set_prompt_mins (client, applet); - } else if (g_strcmp0 (key, KA_GCONF_KEY_SHOW_TRAYICON) == 0) { - ka_gconf_set_show_trayicon (client, applet); - } else if (g_strcmp0 (key, KA_GCONF_KEY_PK_USERID) == 0) { - ka_gconf_set_pk_userid (client, applet); - } else if (g_strcmp0 (key, KA_GCONF_KEY_PK_ANCHORS) == 0) { - ka_gconf_set_pk_anchors(client, applet); - } else if (g_strcmp0 (key, KA_GCONF_KEY_FORWARDABLE) == 0) { - ka_gconf_set_tgt_forwardable (client, applet); - } else if (g_strcmp0 (key, KA_GCONF_KEY_RENEWABLE) == 0) { - ka_gconf_set_tgt_renewable (client, applet); - } else if (g_strcmp0 (key, KA_GCONF_KEY_PROXIABLE) == 0) { - ka_gconf_set_tgt_proxiable (client, applet); - } else if (g_strcmp0 (key, KA_GCONF_KEY_NOTIFY_VALID) - || g_strcmp0 (key,KA_GCONF_KEY_NOTIFY_EXPIRING) - || g_strcmp0 (key,KA_GCONF_KEY_NOTIFY_EXPIRED)) { - /* nothing to do */ - } else - g_warning("Received notification for unknown gconf key %s", key); - return; -} - - -GConfClient* -ka_gconf_init (KaApplet* applet) -{ - GError *error = NULL; - GConfClient *client; - - client = gconf_client_get_default (); - gconf_client_add_dir (client, KA_GCONF_PATH, GCONF_CLIENT_PRELOAD_ONELEVEL, &error); - if (error) - goto out; - - gconf_client_notify_add (client, KA_GCONF_PATH, - ka_gconf_key_changed_callback, applet, NULL, &error); - if (error) - goto out; - - /* setup defaults */ - ka_gconf_set_principal (client, applet); - ka_gconf_set_prompt_mins (client, applet); - ka_gconf_set_show_trayicon (client, applet); - ka_gconf_set_pk_userid(client, applet); - ka_gconf_set_pk_anchors(client, applet); - ka_gconf_set_tgt_forwardable(client, applet); - ka_gconf_set_tgt_renewable(client, applet); - ka_gconf_set_tgt_proxiable(client, applet); -out: - if(error) { - client = NULL; - g_print ("%s", error->message); - g_error_free (error); - } - return client; -} diff --git a/src/krb5-auth-gconf.h b/src/krb5-auth-gconf.h deleted file mode 100644 index e4c3b5a..0000000 --- a/src/krb5-auth-gconf.h +++ /dev/null @@ -1,29 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2008 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ - -#ifndef KRB5_AUTH_GCONF_H -#define KRB5_AUTH_GCONF_H - -#include -#include "krb5-auth-applet.h" - -GConfClient* ka_gconf_init (KaApplet* applet); - -#endif diff --git a/src/krb5-auth-pwdialog.c b/src/krb5-auth-pwdialog.c deleted file mode 100644 index 54fc292..0000000 --- a/src/krb5-auth-pwdialog.c +++ /dev/null @@ -1,310 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2009 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ - -#include "config.h" - -#include - -#include "krb5-auth-applet.h" -#include "krb5-auth-dialog.h" -#include "krb5-auth-pwdialog.h" - -struct _KaPwDialog { - GObject parent; - - KaPwDialogPrivate *priv; -}; - -struct _KaPwDialogClass { - GObjectClass parent; -}; - -G_DEFINE_TYPE(KaPwDialog, ka_pwdialog, G_TYPE_OBJECT); - -struct _KaPwDialogPrivate -{ - /* The password dialog */ - GtkWidget* dialog; /* the password dialog itself */ - GtkWidget* status_label; /* the wrong password/timeout label */ - GtkWidget* krb_label; /* krb5 passwort prompt label */ - GtkWidget* pw_entry; /* password entry field */ - gboolean persist; /* don't hide the dialog when creds are still valid */ - gboolean grabbed; /* keyboard grabbed? */ - GtkWidget* error_dialog; /* error dialog */ -}; - - -static void -ka_pwdialog_init(KaPwDialog *pwdialog) -{ - pwdialog->priv = G_TYPE_INSTANCE_GET_PRIVATE(pwdialog, - KA_TYPE_PWDIALOG, - KaPwDialogPrivate); -} - -static void -ka_pwdialog_finalize(GObject *object) -{ - KaPwDialog* pwdialog = KA_PWDIALOG (object); - GObjectClass *parent_class = G_OBJECT_CLASS (ka_pwdialog_parent_class); - - gtk_widget_destroy (pwdialog->priv->error_dialog); - pwdialog->priv->error_dialog = NULL; - - if (parent_class->finalize != NULL) - parent_class->finalize (object); -} - -static void -ka_pwdialog_class_init(KaPwDialogClass *klass) -{ - GObjectClass *object_class = G_OBJECT_CLASS(klass); - - object_class->finalize = ka_pwdialog_finalize; - g_type_class_add_private(klass, sizeof(KaPwDialogPrivate)); - -} - -static KaPwDialog* -ka_pwdialog_new(void) -{ - return g_object_new (KA_TYPE_PWDIALOG, NULL); -} - - -static gboolean -grab_keyboard (GtkWidget *win, GdkEvent *event, gpointer data) -{ - KaPwDialog* pwdialog = KA_PWDIALOG(data); - - GdkGrabStatus status; - if (!pwdialog->priv->grabbed) { - status = gdk_keyboard_grab (win->window, FALSE, gdk_event_get_time (event)); - if (status == GDK_GRAB_SUCCESS) - pwdialog->priv->grabbed = TRUE; - else - g_message ("could not grab keyboard: %d", (int)status); - } - return FALSE; -} - - -static gboolean -ungrab_keyboard (GtkWidget *win G_GNUC_UNUSED, - GdkEvent *event, - gpointer data) -{ - KaPwDialog* pwdialog = KA_PWDIALOG(data); - - if (pwdialog->priv->grabbed) - gdk_keyboard_ungrab (gdk_event_get_time (event)); - pwdialog->priv->grabbed = FALSE; - return FALSE; -} - - -static gboolean -window_state_changed (GtkWidget *win, GdkEventWindowState *event, gpointer data) -{ - GdkWindowState state = gdk_window_get_state (win->window); - - if (state & GDK_WINDOW_STATE_WITHDRAWN || - state & GDK_WINDOW_STATE_ICONIFIED || - state & GDK_WINDOW_STATE_FULLSCREEN || - state & GDK_WINDOW_STATE_MAXIMIZED) - ungrab_keyboard (win, (GdkEvent*)event, data); - else - grab_keyboard (win, (GdkEvent*)event, data); - - return FALSE; -} - - -gint -ka_pwdialog_run(KaPwDialog* self) -{ - GtkWidget *dialog = self->priv->dialog; - - /* cleanup old error dialog, if present (e.g. user didn't acknowledge - * the error but clicked the tray icon again) */ - if (self->priv->error_dialog) - gtk_widget_hide (self->priv->error_dialog); - - /* make sure we pop up on top */ - gtk_window_set_keep_above (GTK_WINDOW (dialog), TRUE); - - /* - * grab the keyboard so that people don't accidentally type their - * passwords in other windows. - */ - g_signal_connect (dialog, "map-event", G_CALLBACK (grab_keyboard), self); - g_signal_connect (dialog, "unmap-event", G_CALLBACK (ungrab_keyboard), self); - g_signal_connect (dialog, "window-state-event", G_CALLBACK (window_state_changed), self); - - gtk_widget_grab_focus (self->priv->pw_entry); - gtk_widget_show(dialog); - return gtk_dialog_run (GTK_DIALOG(dialog)); -} - - -void -ka_pwdialog_error(KaPwDialog* self, const char *msg) -{ - GtkWidget *dialog = self->priv->error_dialog; - - gtk_message_dialog_format_secondary_text (GTK_MESSAGE_DIALOG (dialog), - _("Couldn't acquire kerberos ticket: '%s'"), - _(msg)); - gtk_widget_show (GTK_WIDGET(dialog)); - gtk_dialog_run (GTK_DIALOG(dialog)); - gtk_widget_hide(dialog); -} - - -void -ka_pwdialog_set_persist (KaPwDialog* pwdialog, gboolean persist) -{ - pwdialog->priv->persist = persist; -} - -void -ka_pwdialog_hide (const KaPwDialog* pwdialog, gboolean force) -{ - KA_DEBUG("PW Dialog persist: %d", pwdialog->priv->persist); - if (!pwdialog->priv->persist || force) - gtk_widget_hide(pwdialog->priv->dialog); -} - -const gchar* -ka_pwdialog_get_password(KaPwDialog *pwdialog) -{ - return gtk_secure_entry_get_text (GTK_SECURE_ENTRY (pwdialog->priv->pw_entry)); -} - -gboolean -ka_pwdialog_status_update (KaPwDialog* pwdialog) -{ - gchar *expiry_text; - gchar *expiry_markup; - int minutes_left = ka_tgt_valid_seconds() / 60; - - g_return_val_if_fail (pwdialog != NULL, FALSE); - if (minutes_left > 0) { - expiry_text = g_strdup_printf (ngettext("Your credentials expire in %d minute", - "Your credentials expire in %d minutes", - minutes_left), minutes_left); - } else { - expiry_text = g_strdup_printf ("%s", - _("Your credentials have expired")); - } - expiry_markup = g_strdup_printf ("%s", expiry_text); - gtk_label_set_markup (GTK_LABEL(pwdialog->priv->status_label), expiry_markup); - g_free (expiry_text); - g_free (expiry_markup); - - return TRUE; -} - -void -ka_pwdialog_setup (KaPwDialog* pwdialog, const gchar *krb5prompt, - gboolean invalid_auth) -{ - KaPwDialogPrivate *priv = pwdialog->priv; - gchar *wrong_markup = NULL; - GtkWidget *e; - gchar *prompt; - int pw4len; - - if (krb5prompt == NULL) { - prompt = g_strdup (_("Please enter your Kerberos password:")); - } else { - /* Kerberos's prompts are a mess, and basically impossible to - * translate. There's basically no way short of doing a lot of - * string parsing to translate them. The most common prompt is - * "Password for $uid:". We special case that one at least. We - * cannot do any of the fancier strings (like challenges), - * though. */ - pw4len = strlen ("Password for "); - if (strncmp (krb5prompt, "Password for ", pw4len) == 0) { - gchar *uid = (gchar *) (krb5prompt + pw4len); - prompt = g_strdup_printf (_("Please enter the password for '%s':"), uid); - } else { - prompt = g_strdup (krb5prompt); - } - } - - e = gtk_entry_new (); - gtk_secure_entry_set_invisible_char (GTK_SECURE_ENTRY (priv->pw_entry), - gtk_entry_get_invisible_char (GTK_ENTRY (e))); - gtk_widget_destroy (e); - - /* Clear the password entry field */ - gtk_secure_entry_set_text (GTK_SECURE_ENTRY (priv->pw_entry), ""); - - /* Use the prompt label that krb5 provides us */ - gtk_label_set_text (GTK_LABEL (priv->krb_label), prompt); - - /* Add our extra message hints */ - if (invalid_auth) { - wrong_markup = g_strdup_printf ("%s", - _("The password you entered is invalid")); - gtk_label_set_markup (GTK_LABEL (priv->status_label), wrong_markup); - } else - ka_pwdialog_status_update (pwdialog); - - g_free(wrong_markup); - g_free (prompt); -} - - -static GtkWidget* -ka_error_dialog_new(void) -{ - GtkWidget *dialog = gtk_message_dialog_new ( - NULL, GTK_DIALOG_DESTROY_WITH_PARENT, - GTK_MESSAGE_ERROR, GTK_BUTTONS_OK, - _("%s Error"), KA_NAME); - gtk_window_set_title(GTK_WINDOW(dialog), _(KA_NAME)); - gtk_window_set_skip_taskbar_hint(GTK_WINDOW(dialog), FALSE); - return dialog; -} - - -KaPwDialog* -ka_pwdialog_create(GtkBuilder* xml) -{ - KaPwDialog *pwdialog = ka_pwdialog_new(); - KaPwDialogPrivate *priv = pwdialog->priv; - GtkWidget *entry_hbox = NULL; - - priv->dialog = GTK_WIDGET (gtk_builder_get_object (xml, "krb5_dialog")); - priv->status_label = GTK_WIDGET (gtk_builder_get_object (xml, "krb5_status_label")); - priv->krb_label = GTK_WIDGET (gtk_builder_get_object (xml, "krb5_message_label")); - priv->pw_entry = GTK_WIDGET (gtk_secure_entry_new ()); - priv->error_dialog = ka_error_dialog_new(); - - entry_hbox = GTK_WIDGET (gtk_builder_get_object (xml, "entry_hbox")); - gtk_container_add (GTK_CONTAINER (entry_hbox), priv->pw_entry); - gtk_secure_entry_set_activates_default (GTK_SECURE_ENTRY (priv->pw_entry), TRUE); - gtk_widget_show (priv->pw_entry); - - return pwdialog; -} - diff --git a/src/krb5-auth-pwdialog.h b/src/krb5-auth-pwdialog.h deleted file mode 100644 index a02d3fb..0000000 --- a/src/krb5-auth-pwdialog.h +++ /dev/null @@ -1,65 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2009 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ - -#ifndef KRB5_AUTH_PWDIALOG_H -#define KRB5_AUTH_PWDIALOG_H - -#include -#include - -#include "config.h" -#include "gtksecentry.h" - -G_BEGIN_DECLS - -#define KA_TYPE_PWDIALOG (ka_pwdialog_get_type ()) -#define KA_PWDIALOG(obj) \ - (G_TYPE_CHECK_INSTANCE_CAST ((obj), KA_TYPE_PWDIALOG, KaPwDialog)) -#define KA_PWDIALOG_CLASS(klass) \ - (G_TYPE_CHECK_CLASS_CAST ((klass), KA_TYPE_PWDIALOG, KaPwDialogClass)) -#define KA_IS_PWDIALOG(obj) \ - (G_TYPE_CHECK_INSTANCE_TYPE ((obj), KA_TYPE_PWDIALOG)) -#define KA_IS_PWDIALOG_CLASS(klass) \ - (G_TYPE_CHECK_CLASS_TYPE ((klass), KA_TYPE_PWDIALOG)) -#define KA_PWDIALOG_GET_CLASS(obj) \ - (G_TYPE_INSTANCE_GET_CLASS ((obj), KA_TYPE_PWDIALOG, KaPwDialogClass)) - -typedef struct _KaPwDialog KaPwDialog; -typedef struct _KaPwDialogClass KaPwDialogClass; -typedef struct _KaPwDialogPrivate KaPwDialogPrivate; - -GType ka_pwdialog_get_type (void); - -/* public functions */ -KaPwDialog* ka_pwdialog_create(GtkBuilder *xml); -/* setup everything for the next prompting */ -void ka_pwdialog_setup (KaPwDialog* pwdialog, const gchar *krb5prompt, - gboolean invalid_auth); -gint ka_pwdialog_run(KaPwDialog *pwdialog); -void ka_pwdialog_hide(const KaPwDialog *pwdialog, gboolean force); -void ka_pwdialog_set_persist(KaPwDialog *pwdialog, gboolean persist); -void ka_pwdialog_error (KaPwDialog *pwdialog, const char *msg); -/* update the expiry information in the status entry */ -gboolean ka_pwdialog_status_update (KaPwDialog *pwdialog); -const gchar* ka_pwdialog_get_password(KaPwDialog *dialog); - -G_END_DECLS - -#endif diff --git a/src/krb5-auth-tickets.c b/src/krb5-auth-tickets.c deleted file mode 100644 index 7c177a9..0000000 --- a/src/krb5-auth-tickets.c +++ /dev/null @@ -1,116 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2009 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ - -#include "config.h" - -#include -#include - -#include "krb5-auth-tickets.h" -#include "krb5-auth-dialog.h" - -static GtkListStore *tickets; -static GtkWidget *tickets_dialog; - -GtkWidget* -ka_tickets_dialog_create(GtkBuilder *xml) -{ - GtkCellRenderer *text_renderer, *toggle_renderer; - GtkTreeViewColumn *column; - GtkTreeView *tickets_view; - - tickets = gtk_list_store_new (N_COLUMNS, - G_TYPE_STRING, - G_TYPE_STRING, - G_TYPE_STRING, - G_TYPE_BOOLEAN, - G_TYPE_BOOLEAN, - G_TYPE_BOOLEAN); - - tickets_dialog = GTK_WIDGET (gtk_builder_get_object (xml, "krb5_tickets_dialog")); - tickets_view = GTK_TREE_VIEW (gtk_builder_get_object (xml, "krb5_tickets_treeview")); - gtk_tree_view_set_model(GTK_TREE_VIEW(tickets_view), GTK_TREE_MODEL(tickets)); - - text_renderer = gtk_cell_renderer_text_new(); - toggle_renderer = gtk_cell_renderer_toggle_new(); - - column = gtk_tree_view_column_new_with_attributes(_("Principal"), - text_renderer, - "text", - PRINCIPAL_COLUMN, - NULL); - gtk_tree_view_append_column (GTK_TREE_VIEW (tickets_view), column); - column = gtk_tree_view_column_new_with_attributes(_("Start Time"), - text_renderer, - "text", - START_TIME_COLUMN, - NULL); - gtk_tree_view_append_column (GTK_TREE_VIEW (tickets_view), column); - column = gtk_tree_view_column_new_with_attributes(_("End Time"), - text_renderer, - "markup", - END_TIME_COLUMN, - NULL); - gtk_tree_view_append_column (GTK_TREE_VIEW (tickets_view), column); - column = gtk_tree_view_column_new_with_attributes(_("Fwd"), - toggle_renderer, - "active", - FORWARDABLE_COLUMN, - NULL); - gtk_tree_view_append_column (GTK_TREE_VIEW (tickets_view), column); - column = gtk_tree_view_column_new_with_attributes(_("Proxy"), - toggle_renderer, - "active", - PROXIABLE_COLUMN, - NULL); - gtk_tree_view_append_column (GTK_TREE_VIEW (tickets_view), column); - column = gtk_tree_view_column_new_with_attributes(_("Renew"), - toggle_renderer, - "active", - RENEWABLE_COLUMN, - NULL); - gtk_tree_view_append_column (GTK_TREE_VIEW (tickets_view), column); - return tickets_dialog; -} - -void -ka_tickets_dialog_run() -{ - if (ka_get_service_tickets(tickets)) { - gtk_window_present(GTK_WINDOW(tickets_dialog)); - gtk_dialog_run(GTK_DIALOG(tickets_dialog)); - gtk_widget_hide(tickets_dialog); - } else { - GtkWidget *message_dialog; - - message_dialog = gtk_message_dialog_new (NULL, - GTK_DIALOG_DESTROY_WITH_PARENT, - GTK_MESSAGE_ERROR, - GTK_BUTTONS_CLOSE, - _("Error displaying service ticket information")); - gtk_window_set_resizable (GTK_WINDOW (message_dialog), FALSE); - - g_signal_connect (message_dialog, "response", - G_CALLBACK (gtk_widget_destroy), - NULL); - gtk_widget_show (message_dialog); - } -} - diff --git a/src/krb5-auth-tickets.h b/src/krb5-auth-tickets.h deleted file mode 100644 index 02d67b3..0000000 --- a/src/krb5-auth-tickets.h +++ /dev/null @@ -1,39 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2009 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ - -#ifndef KRB5_AUTH_TICKETS_H -#define KRB5_AUTH_TICKETS_H - -enum ticket_columns { - PRINCIPAL_COLUMN, - START_TIME_COLUMN, - END_TIME_COLUMN, - FORWARDABLE_COLUMN, - RENEWABLE_COLUMN, - PROXIABLE_COLUMN, - N_COLUMNS -}; - - -GtkWidget* ka_tickets_dialog_create(GtkBuilder *xml); -void ka_tickets_dialog_run(void); - - -#endif diff --git a/src/krb5-auth-tools.c b/src/krb5-auth-tools.c deleted file mode 100644 index bd72afb..0000000 --- a/src/krb5-auth-tools.c +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright (C) 2009 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - */ - -#include "config.h" - -#include -#include "krb5-auth-tools.h" - -void -ka_show_help (GdkScreen* screen, const char* chapter, GtkWindow* window) -{ - GError *error = NULL; - const char *section = ""; - char *url; - - if (chapter) - section = chapter; - - url = g_strdup_printf("ghelp:krb5-auth-dialog%s", section); - - gtk_show_uri (screen, url, gtk_get_current_event_time (), &error); - - if (error) { - GtkWidget *message_dialog; - - message_dialog = gtk_message_dialog_new (GTK_WINDOW (window), - GTK_DIALOG_DESTROY_WITH_PARENT, - GTK_MESSAGE_ERROR, - GTK_BUTTONS_CLOSE, - _("There was an error displaying help:\n%s"), - error->message); - gtk_window_set_resizable (GTK_WINDOW (message_dialog), FALSE); - - g_signal_connect (message_dialog, "response", - G_CALLBACK (gtk_widget_destroy), - NULL); - - gtk_widget_show (message_dialog); - g_error_free (error); - } - g_free (url); -} - diff --git a/src/krb5-auth-tools.h b/src/krb5-auth-tools.h deleted file mode 100644 index ef777e6..0000000 --- a/src/krb5-auth-tools.h +++ /dev/null @@ -1,33 +0,0 @@ -/* Krb5 Auth Applet -- Acquire and release kerberos tickets - * - * (C) 2009 Guido Guenther - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. - * - */ - -#ifndef KRB5_AUTH_TOOLS -#define KRB5_AUTH_TOOLS - -#include - -G_BEGIN_DECLS - -void ka_show_help (GdkScreen* screen, const char* section, GtkWindow* window); - -G_END_DECLS - -#endif - -- cgit