From daedd98264fd9aa755f3122d46ce27f93e08cfca Mon Sep 17 00:00:00 2001 From: Guido Günther Date: Sat, 19 Jun 2010 15:27:57 +0200 Subject: Imported Upstream version 0.16~rc2 --- src/Makefile.in | 2 + src/dummy-strings.c | 2 +- src/ka-applet.c | 17 +++++++-- src/ka-dialog.c | 82 +++++++++++------------------------------ src/ka-gconf-tools.c | 20 +++++----- src/ka-gconf.c | 6 +-- src/ka-pwdialog.c | 5 ++- src/ka-tools.c | 2 +- src/krb5-auth-dialog.desktop.in | 1 - src/krb5-auth-dialog.xml | 4 +- 10 files changed, 56 insertions(+), 85 deletions(-) (limited to 'src') diff --git a/src/Makefile.in b/src/Makefile.in index b812d80..ace15f5 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -246,6 +246,8 @@ PACKAGE_VERSION = @PACKAGE_VERSION@ PAM_LIBS = @PAM_LIBS@ PATH_SEPARATOR = @PATH_SEPARATOR@ PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ POFILES = @POFILES@ POSUB = @POSUB@ PO_IN_DATADIR_FALSE = @PO_IN_DATADIR_FALSE@ diff --git a/src/dummy-strings.c b/src/dummy-strings.c index 7f8bbee..272ee53 100644 --- a/src/dummy-strings.c +++ b/src/dummy-strings.c @@ -5,7 +5,7 @@ const char *dummy[] = { /* Translators: files from dummy-strings.c are *all* possible errors returned from Kerberos (since Kerberos itself doesn't handle i18n). If in - doubt please translate strings from files starting with krb5-auth + doubt please translate strings from files starting with ka- and krb5-auth- first since these are the ones the user will see in any case. */ N_("ASN.1 failed call to system time library"), /* asn1_err.et:asn1:ASN1_BAD_TIMEFORMAT */ N_("ASN.1 structure is missing a required field"), /* asn1_err.et:asn1:ASN1_MISSING_FIELD */ diff --git a/src/ka-applet.c b/src/ka-applet.c index 472f4f5..bce4288 100644 --- a/src/ka-applet.c +++ b/src/ka-applet.c @@ -463,7 +463,8 @@ ka_send_event_notification (KaApplet *applet, const char *icon, const char *action) { - const char *notify_icon; + const char *notify_icon; + GError *error = NULL; g_return_if_fail (applet != NULL); g_return_if_fail (summary != NULL); @@ -473,8 +474,16 @@ ka_send_event_notification (KaApplet *applet, notify_init (PACKAGE); if (applet->priv->notification != NULL) { - notify_notification_close (applet->priv->notification, NULL); + if (!notify_notification_close (applet->priv->notification, + &error)) { + if (error) + g_warning ("Cannot close notification %s", + error->message); + else + g_warning ("Cannot close notification"); + } g_object_unref (applet->priv->notification); + g_clear_error (&error); } notify_icon = icon ? icon : "krb-valid-ticket"; @@ -620,7 +629,7 @@ ka_applet_cb_preferences (GtkWidget* menuitem G_GNUC_UNUSED, G_CALLBACK (gtk_widget_destroy), NULL); gtk_widget_show (message_dialog); - g_error_free (error); + g_clear_error (&error); } } @@ -661,7 +670,7 @@ ka_about_dialog_url_hook (GtkAboutDialog *about, G_CALLBACK (gtk_widget_destroy), NULL); gtk_widget_show (message_dialog); - g_error_free (error); + g_clear_error (&error); } } diff --git a/src/ka-dialog.c b/src/ka-dialog.c index f8d0fea..f11293d 100644 --- a/src/ka-dialog.c +++ b/src/ka-dialog.c @@ -206,6 +206,7 @@ credentials_expiring_real (KaApplet* applet) krb5_timestamp now; gboolean retval = FALSE; + memset(&my_creds, 0, sizeof(my_creds)); ka_applet_set_tgt_renewable(applet, FALSE); if (!ka_get_tgt_from_ccache (kcontext, &my_creds)) { creds_expiry = 0; @@ -223,13 +224,17 @@ credentials_expiring_real (KaApplet* applet) (now + ka_applet_get_pw_prompt_secs(applet) > my_creds.times.endtime)) retval = TRUE; - /* If our creds are expiring, determine whether they are renewable */ - if (retval && get_cred_renewable(&my_creds) && my_creds.times.renew_till > now) { + /* If our creds are expiring, determine whether they are renewable. + * If the expiry is already at the renew_till time, don't consider + * credentials renewable */ + if (retval && get_cred_renewable(&my_creds) + && my_creds.times.renew_till > now + && my_creds.times.renew_till > creds_expiry) { ka_applet_set_tgt_renewable(applet, TRUE); } - krb5_free_cred_contents (kcontext, &my_creds); out: + krb5_free_cred_contents (kcontext, &my_creds); ka_applet_update_status(applet, creds_expiry); return retval; } @@ -557,46 +562,6 @@ ka_set_ticket_options(KaApplet* applet, krb5_context context, } -/* - * set ticket options - * by looking at krb5.conf, the passed in creds and gconf - */ -static void -set_options_from_creds(const KaApplet* applet, - krb5_context context, - krb5_creds *in, - krb5_get_init_creds_opt *out) -{ - krb5_deltat renew_lifetime; - int flag; - -#ifdef HAVE_KRB5_GET_INIT_CREDS_OPT_SET_DEFAULT_FLAGS - krb5_get_init_creds_opt_set_default_flags(context, PACKAGE, - krb5_principal_get_realm(context, kprincipal), out); -#endif - - flag = get_cred_forwardable(in) != 0; - krb5_get_init_creds_opt_set_forwardable(out, flag); - flag = get_cred_proxiable(in) != 0; - krb5_get_init_creds_opt_set_proxiable(out, flag); - flag = get_cred_renewable(in) != 0; - if (flag && (in->times.renew_till > in->times.starttime)) { - renew_lifetime = in->times.renew_till - - in->times.starttime; - krb5_get_init_creds_opt_set_renew_life(out, - renew_lifetime); - } - if (in->times.endtime > - in->times.starttime + ka_applet_get_pw_prompt_secs(applet)) { - krb5_get_init_creds_opt_set_tkt_life(out, - in->times.endtime - - in->times.starttime); - } - /* This doesn't do a deep copy -- fix it later. */ - /* krb5_get_init_creds_opt_set_address_list(out, creds->addresses); */ -} - - #if ENABLE_PKINIT && HAVE_KRB5_GET_INIT_CREDS_OPT_SET_PKINIT static krb5_error_code ka_auth_heimdal_pkinit(KaApplet* applet, krb5_creds* creds, @@ -728,14 +693,13 @@ ccache_changed_cb (GFileMonitor *monitor G_GNUC_UNUSED, } -static gboolean +static GFileMonitor* monitor_ccache(KaApplet *applet) { const gchar *ccache_name; GFile *ccache; - GFileMonitor *monitor; + GFileMonitor *monitor = NULL; GError *err = NULL; - gboolean ret = FALSE; ccache_name = ka_ccache_filename (); g_return_val_if_fail (ccache_name != NULL, FALSE); @@ -749,18 +713,14 @@ monitor_ccache(KaApplet *applet) credentials_expiring ((gpointer)applet); else g_warning ("Failed to monitor %s: %s", ccache_name, err->message); - goto out; } else { /* g_file_monitor_set_rate_limit(monitor, 10*1000); */ g_signal_connect (monitor, "changed", G_CALLBACK (ccache_changed_cb), applet); KA_DEBUG ("Monitoring %s", ccache_name); - ret = TRUE; } -out: g_object_unref (ccache); - if (err) - g_error_free (err); - return ret; + g_clear_error (&err); + return monitor; } @@ -846,8 +806,8 @@ ka_renew_credentials (KaApplet* applet) krb5_error_code retval; krb5_creds my_creds; krb5_ccache ccache; - krb5_get_init_creds_opt opts; + memset(&my_creds, 0, sizeof(my_creds)); if (kprincipal == NULL) { retval = ka_parse_name(applet, kcontext, &kprincipal); if (retval) @@ -860,15 +820,13 @@ ka_renew_credentials (KaApplet* applet) retval = ka_get_tgt_from_ccache (kcontext, &my_creds); if (!retval) { + krb5_free_cred_contents (kcontext, &my_creds); krb5_cc_close (kcontext, ccache); return -1; } - krb5_get_init_creds_opt_init (&opts); - set_options_from_creds (applet, kcontext, &my_creds, &opts); - if (ka_applet_get_tgt_renewable(applet)) { - + krb5_free_cred_contents (kcontext, &my_creds); retval = get_renewed_creds (kcontext, &my_creds, kprincipal, ccache, NULL); if (retval) goto out; @@ -921,12 +879,11 @@ ka_get_tgt_from_ccache (krb5_context context, krb5_creds *creds) get_principal_realm_data(principal), 0)) { goto out_free_princ; } - pattern.client = principal; if (!krb5_cc_retrieve_cred(context, ccache, 0, &pattern, creds)) ret = TRUE; - krb5_free_principal(context, pattern.server); + krb5_free_principal(context, pattern.server); out_free_princ: krb5_free_principal(context, principal); out: @@ -1124,6 +1081,7 @@ main (int argc, char *argv[]) "Always run", NULL}, { NULL, 0, 0, G_OPTION_ARG_NONE, NULL, NULL, NULL } }; + GFileMonitor *monitor = NULL; context = g_option_context_new ("- Kerberos 5 credential checking"); g_option_context_add_main_entries (context, options, NULL); @@ -1134,7 +1092,7 @@ main (int argc, char *argv[]) g_print ("%s\n%s\n", error->message, help_msg); - g_error_free (error); + g_clear_error (&error); return 1; } g_option_context_free (context); @@ -1161,11 +1119,13 @@ main (int argc, char *argv[]) if (credentials_expiring ((gpointer)applet)) { g_timeout_add_seconds (CREDENTIAL_CHECK_INTERVAL, (GSourceFunc)credentials_expiring, applet); - monitor_ccache (applet); + monitor = monitor_ccache (applet); } ka_dbus_service(applet); gtk_main (); } ka_nm_shutdown(); + if (monitor) + g_object_unref (monitor); return 0; } diff --git a/src/ka-gconf-tools.c b/src/ka-gconf-tools.c index 60fd567..c7cc711 100644 --- a/src/ka-gconf-tools.c +++ b/src/ka-gconf-tools.c @@ -40,8 +40,8 @@ ka_gconf_get_string (GConfClient* client, *value = g_strdup (gconf_value_get_string (gc_value)); success = TRUE; } else if (error) { - g_print ("%s", error->message); - g_error_free (error); + g_warning ("%s", error->message); + g_clear_error (&error); } gconf_value_free (gc_value); } @@ -64,8 +64,8 @@ ka_gconf_get_string_list (GConfClient* client, if ((*list = gconf_client_get_list (client, key, GCONF_VALUE_STRING, &error))) { if (error) { - g_print ("%s", error->message); - g_error_free (error); + g_warning ("%s", error->message); + g_clear_error (&error); } else success = TRUE; } @@ -92,8 +92,8 @@ ka_gconf_get_int (GConfClient* client, *value = gconf_value_get_int (gc_value); success = TRUE; } else if (error) { - g_print ("%s", error->message); - g_error_free (error); + g_warning("%s", error->message); + g_clear_error (&error); } gconf_value_free (gc_value); } @@ -119,8 +119,8 @@ ka_gconf_get_bool (GConfClient* client, *value = gconf_value_get_bool (gc_value); success = TRUE; } else if (error) { - g_print ("%s", error->message); - g_error_free (error); + g_warning ("%s", error->message); + g_clear_error (&error); } gconf_value_free (gc_value); } @@ -140,8 +140,8 @@ ka_gconf_set_bool (GConfClient* client, if(!gconf_client_set_bool (client, key, value, &error)) { if (error) { - g_print ("%s", error->message); - g_error_free (error); + g_warning ("%s", error->message); + g_clear_error (&error); } return FALSE; } diff --git a/src/ka-gconf.c b/src/ka-gconf.c index 10ef703..4e3d1aa 100644 --- a/src/ka-gconf.c +++ b/src/ka-gconf.c @@ -202,10 +202,10 @@ ka_gconf_init (KaApplet* applet) ka_gconf_set_tgt_renewable(client, applet); ka_gconf_set_tgt_proxiable(client, applet); out: - if(error) { + if (error) { client = NULL; - g_print ("%s", error->message); - g_error_free (error); + g_warning ("%s", error->message); + g_clear_error (&error); } return client; } diff --git a/src/ka-pwdialog.c b/src/ka-pwdialog.c index 2f8463c..da34471 100644 --- a/src/ka-pwdialog.c +++ b/src/ka-pwdialog.c @@ -96,7 +96,8 @@ grab_keyboard (GtkWidget *win, GdkEvent *event, gpointer data) GdkGrabStatus status; if (!pwdialog->priv->grabbed) { - status = gdk_keyboard_grab (win->window, FALSE, gdk_event_get_time (event)); + status = gdk_keyboard_grab (gtk_widget_get_window (win), + FALSE, gdk_event_get_time (event)); if (status == GDK_GRAB_SUCCESS) pwdialog->priv->grabbed = TRUE; else @@ -123,7 +124,7 @@ ungrab_keyboard (GtkWidget *win G_GNUC_UNUSED, static gboolean window_state_changed (GtkWidget *win, GdkEventWindowState *event, gpointer data) { - GdkWindowState state = gdk_window_get_state (win->window); + GdkWindowState state = gdk_window_get_state (gtk_widget_get_window (win)); if (state & GDK_WINDOW_STATE_WITHDRAWN || state & GDK_WINDOW_STATE_ICONIFIED || diff --git a/src/ka-tools.c b/src/ka-tools.c index 177e64e..260d101 100644 --- a/src/ka-tools.c +++ b/src/ka-tools.c @@ -51,7 +51,7 @@ ka_show_help (GdkScreen* screen, const char* chapter, GtkWindow* window) NULL); gtk_widget_show (message_dialog); - g_error_free (error); + g_clear_error (&error); } g_free (url); } diff --git a/src/krb5-auth-dialog.desktop.in b/src/krb5-auth-dialog.desktop.in index 653ef3c..6c83b31 100644 --- a/src/krb5-auth-dialog.desktop.in +++ b/src/krb5-auth-dialog.desktop.in @@ -1,7 +1,6 @@ [Desktop Entry] _Name=Network Authentication _Comment=Kerberos Network Authentication Dialog -Encoding=UTF-8 Exec=krb5-auth-dialog Terminal=false Type=Application diff --git a/src/krb5-auth-dialog.xml b/src/krb5-auth-dialog.xml index d379265..0df79ef 100644 --- a/src/krb5-auth-dialog.xml +++ b/src/krb5-auth-dialog.xml @@ -6,8 +6,8 @@ 6 Network Authentication False - center - normal + center-always + dialog False -- cgit