diff options
Diffstat (limited to 'kdesktop/lockeng.cc')
-rw-r--r-- | kdesktop/lockeng.cc | 127 |
1 files changed, 104 insertions, 23 deletions
diff --git a/kdesktop/lockeng.cc b/kdesktop/lockeng.cc index 600573f27..8aa6bb61c 100644 --- a/kdesktop/lockeng.cc +++ b/kdesktop/lockeng.cc @@ -11,10 +11,16 @@ #include <stdlib.h> +#include <ksslcertificate.h> + +#include <tdehardwaredevices.h> +#include <tdecryptographiccarddevice.h> + #include <kstandarddirs.h> #include <tdeapplication.h> #include <kservicegroup.h> #include <kdebug.h> +#include <kuser.h> #include <tdelocale.h> #include <tqfile.h> #include <tqtimer.h> @@ -82,6 +88,7 @@ SaverEngine::SaverEngine() mTerminationRequested(false), mSaverProcessReady(false), mNewVTAfterLockEngage(false), + mValidCryptoCardInserted(false), mSwitchVTAfterLockEngage(-1), dBusLocal(0), dBusWatch(0), @@ -158,6 +165,30 @@ SaverEngine::SaverEngine() sigaddset(&mThreadBlockSet, SIGTTIN); pthread_sigmask(SIG_BLOCK, &mThreadBlockSet, NULL); + // Initialize SmartCard readers + TDEGenericDevice *hwdevice; + TDEHardwareDevices *hwdevices = TDEGlobal::hardwareDevices(); + TDEGenericHardwareList cardReaderList = hwdevices->listByDeviceClass(TDEGenericDeviceType::CryptographicCard); + for (hwdevice = cardReaderList.first(); hwdevice; hwdevice = cardReaderList.next()) { + TDECryptographicCardDevice* cdevice = static_cast<TDECryptographicCardDevice*>(hwdevice); + connect(cdevice, TQT_SIGNAL(certificateListAvailable(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardInserted(TDECryptographicCardDevice*))); + connect(cdevice, TQT_SIGNAL(cardRemoved(TDECryptographicCardDevice*)), this, TQT_SLOT(cryptographicCardRemoved(TDECryptographicCardDevice*))); + cdevice->enableCardMonitoring(true); + } + + // Check card login status + KUser userinfo; + TQString fileName = userinfo.homeDir() + "/.tde_card_login_state"; + TQFile flagFile(fileName); + if (flagFile.open(IO_ReadOnly)) { + TQTextStream stream(&flagFile); + if (stream.readLine().startsWith("1")) { + // Card was likely used to log in + TQTimer::singleShot(5000, this, SLOT(cardStartupTimeout())); + } + flagFile.close(); + } + dBusConnect(); } @@ -186,6 +217,52 @@ SaverEngine::~SaverEngine() delete m_helperThread; } +void SaverEngine::cardStartupTimeout() { + if (!mValidCryptoCardInserted) { + // Restore saver timeout + configure(); + + // Force lock + lockScreen(); + } +} + +void SaverEngine::cryptographicCardInserted(TDECryptographicCardDevice* cdevice) { + TQString login_name = TQString::null; + X509CertificatePtrList certList = cdevice->cardX509Certificates(); + if (certList.count() > 0) { + KSSLCertificate* card_cert = NULL; + card_cert = KSSLCertificate::fromX509(certList[0]); + TQStringList cert_subject_parts = TQStringList::split("/", card_cert->getSubject(), false); + for (TQStringList::Iterator it = cert_subject_parts.begin(); it != cert_subject_parts.end(); ++it ) { + TQString lcpart = (*it).lower(); + if (lcpart.startsWith("cn=")) { + login_name = lcpart.right(lcpart.length() - strlen("cn=")); + } + } + delete card_cert; + } + + if (login_name != "") { + KUser user; + if (login_name == user.loginName()) { + mValidCryptoCardInserted = true; + } + } +} + +void SaverEngine::cryptographicCardRemoved(TDECryptographicCardDevice* cdevice) { + if (mValidCryptoCardInserted) { + mValidCryptoCardInserted = false; + + // Restore saver timeout + configure(); + + // Force lock + lockScreen(); + } +} + //--------------------------------------------------------------------------- // // This should be called only using DCOP. @@ -201,8 +278,12 @@ void SaverEngine::lock() // void SaverEngine::lockScreen(bool DCOP) { + if (mValidCryptoCardInserted) { + return; + } + bool ok = true; - if (mState != Saving) + if (mState == Waiting) { ok = startLockProcess( ForceLock ); // It takes a while for kdesktop_lock to start and lock the screen. @@ -250,9 +331,10 @@ void SaverEngine::saverLockReady() //--------------------------------------------------------------------------- void SaverEngine::save() { - if (mState == Waiting) - { - startLockProcess( DefaultLock ); + if (!mValidCryptoCardInserted) { + if (mState == Waiting) { + startLockProcess( DefaultLock ); + } } } @@ -283,28 +365,25 @@ bool SaverEngine::enable( bool e ) mEnabled = e; - if (mEnabled) - { + if (mEnabled) { if ( !mXAutoLock ) { mXAutoLock = new XAutoLock(); connect(mXAutoLock, TQT_SIGNAL(timeout()), TQT_SLOT(idleTimeout())); } - mXAutoLock->setTimeout(mTimeout); - mXAutoLock->setDPMS(true); + mXAutoLock->setTimeout(mTimeout); + mXAutoLock->setDPMS(true); //mXAutoLock->changeCornerLockStatus( mLockCornerTopLeft, mLockCornerTopRight, mLockCornerBottomLeft, mLockCornerBottomRight); - // We'll handle blanking - XSetScreenSaver(tqt_xdisplay(), mTimeout + 10, mXInterval, PreferBlanking, mXExposures); - kdDebug() << "XSetScreenSaver " << mTimeout + 10 << endl; - - mXAutoLock->start(); - - kdDebug(1204) << "Saver Engine started, timeout: " << mTimeout << endl; + // We'll handle blanking + XSetScreenSaver(tqt_xdisplay(), mTimeout + 10, mXInterval, PreferBlanking, mXExposures); + kdDebug() << "XSetScreenSaver " << mTimeout + 10 << endl; + + mXAutoLock->start(); + + kdDebug(1204) << "Saver Engine started, timeout: " << mTimeout << endl; } - else - { - if (mXAutoLock) - { + else { + if (mXAutoLock) { delete mXAutoLock; mXAutoLock = 0; } @@ -652,10 +731,12 @@ void SaverEngine::lockProcessWaiting() // void SaverEngine::idleTimeout() { - // disable X screensaver - XForceScreenSaver(tqt_xdisplay(), ScreenSaverReset ); - XSetScreenSaver(tqt_xdisplay(), 0, mXInterval, PreferBlanking, DontAllowExposures); - startLockProcess( DefaultLock ); + if (!mValidCryptoCardInserted) { + // disable X screensaver + XForceScreenSaver(tqt_xdisplay(), ScreenSaverReset ); + XSetScreenSaver(tqt_xdisplay(), 0, mXInterval, PreferBlanking, DontAllowExposures); + startLockProcess( DefaultLock ); + } } xautolock_corner_t SaverEngine::applyManualSettings(int action) |