summaryrefslogtreecommitdiffstats
path: root/kdesktop/lockeng.cc
diff options
context:
space:
mode:
Diffstat (limited to 'kdesktop/lockeng.cc')
-rw-r--r--kdesktop/lockeng.cc127
1 files changed, 104 insertions, 23 deletions
diff --git a/kdesktop/lockeng.cc b/kdesktop/lockeng.cc
index 600573f27..8aa6bb61c 100644
--- a/kdesktop/lockeng.cc
+++ b/kdesktop/lockeng.cc
@@ -11,10 +11,16 @@
#include <stdlib.h>
+#include <ksslcertificate.h>
+
+#include <tdehardwaredevices.h>
+#include <tdecryptographiccarddevice.h>
+
#include <kstandarddirs.h>
#include <tdeapplication.h>
#include <kservicegroup.h>
#include <kdebug.h>
+#include <kuser.h>
#include <tdelocale.h>
#include <tqfile.h>
#include <tqtimer.h>
@@ -82,6 +88,7 @@ SaverEngine::SaverEngine()
mTerminationRequested(false),
mSaverProcessReady(false),
mNewVTAfterLockEngage(false),
+ mValidCryptoCardInserted(false),
mSwitchVTAfterLockEngage(-1),
dBusLocal(0),
dBusWatch(0),
@@ -158,6 +165,30 @@ SaverEngine::SaverEngine()
sigaddset(&mThreadBlockSet, SIGTTIN);
pthread_sigmask(SIG_BLOCK, &mThreadBlockSet, NULL);
+ // Initialize SmartCard readers
+ TDEGenericDevice *hwdevice;
+ TDEHardwareDevices *hwdevices = TDEGlobal::hardwareDevices();
+ TDEGenericHardwareList cardReaderList = hwdevices->listByDeviceClass(TDEGenericDeviceType::CryptographicCard);
+ for (hwdevice = cardReaderList.first(); hwdevice; hwdevice = cardReaderList.next()) {
+ TDECryptographicCardDevice* cdevice = static_cast<TDECryptographicCardDevice*>(hwdevice);
+ connect(cdevice, TQT_SIGNAL(certificateListAvailable(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardInserted(TDECryptographicCardDevice*)));
+ connect(cdevice, TQT_SIGNAL(cardRemoved(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardRemoved(TDECryptographicCardDevice*)));
+ cdevice->enableCardMonitoring(true);
+ }
+
+ // Check card login status
+ KUser userinfo;
+ TQString fileName = userinfo.homeDir() + "/.tde_card_login_state";
+ TQFile flagFile(fileName);
+ if (flagFile.open(IO_ReadOnly)) {
+ TQTextStream stream(&flagFile);
+ if (stream.readLine().startsWith("1")) {
+ // Card was likely used to log in
+ TQTimer::singleShot(5000, this, SLOT(cardStartupTimeout()));
+ }
+ flagFile.close();
+ }
+
dBusConnect();
}
@@ -186,6 +217,52 @@ SaverEngine::~SaverEngine()
delete m_helperThread;
}
+void SaverEngine::cardStartupTimeout() {
+ if (!mValidCryptoCardInserted) {
+ // Restore saver timeout
+ configure();
+
+ // Force lock
+ lockScreen();
+ }
+}
+
+void SaverEngine::cryptographicCardInserted(TDECryptographicCardDevice* cdevice) {
+ TQString login_name = TQString::null;
+ X509CertificatePtrList certList = cdevice->cardX509Certificates();
+ if (certList.count() > 0) {
+ KSSLCertificate* card_cert = NULL;
+ card_cert = KSSLCertificate::fromX509(certList[0]);
+ TQStringList cert_subject_parts = TQStringList::split("/", card_cert->getSubject(), false);
+ for (TQStringList::Iterator it = cert_subject_parts.begin(); it != cert_subject_parts.end(); ++it ) {
+ TQString lcpart = (*it).lower();
+ if (lcpart.startsWith("cn=")) {
+ login_name = lcpart.right(lcpart.length() - strlen("cn="));
+ }
+ }
+ delete card_cert;
+ }
+
+ if (login_name != "") {
+ KUser user;
+ if (login_name == user.loginName()) {
+ mValidCryptoCardInserted = true;
+ }
+ }
+}
+
+void SaverEngine::cryptographicCardRemoved(TDECryptographicCardDevice* cdevice) {
+ if (mValidCryptoCardInserted) {
+ mValidCryptoCardInserted = false;
+
+ // Restore saver timeout
+ configure();
+
+ // Force lock
+ lockScreen();
+ }
+}
+
//---------------------------------------------------------------------------
//
// This should be called only using DCOP.
@@ -201,8 +278,12 @@ void SaverEngine::lock()
//
void SaverEngine::lockScreen(bool DCOP)
{
+ if (mValidCryptoCardInserted) {
+ return;
+ }
+
bool ok = true;
- if (mState != Saving)
+ if (mState == Waiting)
{
ok = startLockProcess( ForceLock );
// It takes a while for kdesktop_lock to start and lock the screen.
@@ -250,9 +331,10 @@ void SaverEngine::saverLockReady()
//---------------------------------------------------------------------------
void SaverEngine::save()
{
- if (mState == Waiting)
- {
- startLockProcess( DefaultLock );
+ if (!mValidCryptoCardInserted) {
+ if (mState == Waiting) {
+ startLockProcess( DefaultLock );
+ }
}
}
@@ -283,28 +365,25 @@ bool SaverEngine::enable( bool e )
mEnabled = e;
- if (mEnabled)
- {
+ if (mEnabled) {
if ( !mXAutoLock ) {
mXAutoLock = new XAutoLock();
connect(mXAutoLock, TQT_SIGNAL(timeout()), TQT_SLOT(idleTimeout()));
}
- mXAutoLock->setTimeout(mTimeout);
- mXAutoLock->setDPMS(true);
+ mXAutoLock->setTimeout(mTimeout);
+ mXAutoLock->setDPMS(true);
//mXAutoLock->changeCornerLockStatus( mLockCornerTopLeft, mLockCornerTopRight, mLockCornerBottomLeft, mLockCornerBottomRight);
- // We'll handle blanking
- XSetScreenSaver(tqt_xdisplay(), mTimeout + 10, mXInterval, PreferBlanking, mXExposures);
- kdDebug() << "XSetScreenSaver " << mTimeout + 10 << endl;
-
- mXAutoLock->start();
-
- kdDebug(1204) << "Saver Engine started, timeout: " << mTimeout << endl;
+ // We'll handle blanking
+ XSetScreenSaver(tqt_xdisplay(), mTimeout + 10, mXInterval, PreferBlanking, mXExposures);
+ kdDebug() << "XSetScreenSaver " << mTimeout + 10 << endl;
+
+ mXAutoLock->start();
+
+ kdDebug(1204) << "Saver Engine started, timeout: " << mTimeout << endl;
}
- else
- {
- if (mXAutoLock)
- {
+ else {
+ if (mXAutoLock) {
delete mXAutoLock;
mXAutoLock = 0;
}
@@ -652,10 +731,12 @@ void SaverEngine::lockProcessWaiting()
//
void SaverEngine::idleTimeout()
{
- // disable X screensaver
- XForceScreenSaver(tqt_xdisplay(), ScreenSaverReset );
- XSetScreenSaver(tqt_xdisplay(), 0, mXInterval, PreferBlanking, DontAllowExposures);
- startLockProcess( DefaultLock );
+ if (!mValidCryptoCardInserted) {
+ // disable X screensaver
+ XForceScreenSaver(tqt_xdisplay(), ScreenSaverReset );
+ XSetScreenSaver(tqt_xdisplay(), 0, mXInterval, PreferBlanking, DontAllowExposures);
+ startLockProcess( DefaultLock );
+ }
}
xautolock_corner_t SaverEngine::applyManualSettings(int action)