- (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg

author djm <djm>

Wed, 7 Jun 2000 10:08:19 +0000 (10:08 +0000)

committer djm <djm>

Wed, 7 Jun 2000 10:08:19 +0000 (10:08 +0000)
author djm <djm>
Wed, 7 Jun 2000 10:08:19 +0000 (10:08 +0000)
committer djm <djm>
Wed, 7 Jun 2000 10:08:19 +0000 (10:08 +0000)
diff --git a/CREDITS b/CREDITS

index 3539addc3afcc82710e239220d96ff54ce1188e8..c59babe74d215c0ce1b565177a45c0d3f894a183 100644 (file)
--- a/CREDITS
+++ b/CREDITS
@@ -51,6 +51,7 @@ Thomas Neumann <tom@smart.ruhr.de> - Shadow passwords
  Tom Bertelson's <tbert@abac.com> - AIX auth fixes
  Tor-Ake Fransson <torake@hotmail.com> - AIX support
  Tudor Bosman <tudorb@jm.nu> - MD5 password support
+Zack Weinberg <zack@wolery.cumb.org> - GNOME askpass enhancement
  
  Apologies to anyone I have missed.
  
diff --git a/ChangeLog b/ChangeLog

index 997aa31d057ba56d6c31f964ec2a3db9983d0ce2..46a44428036042c84a872903f6b838a4f16761f4 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,8 @@
  20000606
   - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III 
     <tibbs@math.uh.edu>
+ - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg
+   <zack@wolery.cumb.org>
   - (djm) OpenBSD CVS updates:
    - todd@cvs.openbsd.org
      [sshconnect2.c]
diff --git a/contrib/gnome-ssh-askpass.c b/contrib/gnome-ssh-askpass.c

index fd537e676c06d7b94360812ffc893d5a2ee77631..5b6f65e88100dbc01de228f21276efb6b2e1652a 100644 (file)
--- a/contrib/gnome-ssh-askpass.c
+++ b/contrib/gnome-ssh-askpass.c
@@ -49,7 +49,22 @@
  #include <X11/Xlib.h>
  #include <gdk/gdkx.h>
  
-int passphrase_dialog(char **passphrase_p, char *message)
+void
+report_failed_grab (void)
+{
+       GtkWidget *err;
+
+       err = gnome_message_box_new("Could not grab keyboard or mouse.\n"
+               "A malicious client may be eavesdropping on your session.",
+                                   GNOME_MESSAGE_BOX_ERROR, "EXIT", NULL);
+       gtk_window_set_position(GTK_WINDOW(err), GTK_WIN_POS_CENTER);
+       gtk_object_set(GTK_OBJECT(err), "type", GTK_WINDOW_POPUP, NULL);
+
+       gnome_dialog_run_and_close(GNOME_DIALOG(err));
+}
+
+void
+passphrase_dialog(char *message)
  {
         char *passphrase;
         int result;
@@ -80,41 +95,51 @@ int passphrase_dialog(char **passphrase_p, char *message)
  
         /* Grab focus */
         XGrabServer(GDK_DISPLAY());
-       gdk_pointer_grab(dialog->window, TRUE, 0, NULL, NULL, GDK_CURRENT_TIME);
-       gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME);
+       if (gdk_pointer_grab(dialog->window, TRUE, 0,
+                            NULL, NULL, GDK_CURRENT_TIME))
+               goto nograb;
+       if (gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME))
+               goto nograbkb;
  
         /* Make <enter> close dialog */
         gnome_dialog_editable_enters(GNOME_DIALOG(dialog), GTK_EDITABLE(entry));
  
         /* Run dialog */
         result = gnome_dialog_run(GNOME_DIALOG(dialog));
-               
+
         /* Ungrab */
         XUngrabServer(GDK_DISPLAY());
         gdk_pointer_ungrab(GDK_CURRENT_TIME);
         gdk_keyboard_ungrab(GDK_CURRENT_TIME);
         gdk_flush();
  
+       /* Report passphrase if user selected OK */
         passphrase = gtk_entry_get_text(GTK_ENTRY(entry));
-
-       /* Take copy of passphrase if user selected OK */
-       if (result == 0)        
-               *passphrase_p = strdup(passphrase);
-       else
-               *passphrase_p = NULL;
+       if (result == 0)
+               puts(passphrase);
                 
-       /* Zero existing passphrase */
+       /* Zero passphrase in memory */
         memset(passphrase, '\0', strlen(passphrase));
         gtk_entry_set_text(GTK_ENTRY(entry), passphrase);
                         
         gnome_dialog_close(GNOME_DIALOG(dialog));
+       return;
  
-       return (result == 0);
+       /* At least one grab failed - ungrab what we got, and report
+          the failure to the user.  Note that XGrabServer() cannot
+          fail.  */
+ nograbkb:
+       gdk_pointer_ungrab(GDK_CURRENT_TIME);
+ nograb:
+       XUngrabServer(GDK_DISPLAY());
+       gnome_dialog_close(GNOME_DIALOG(dialog));
+       
+       report_failed_grab();
  }
  
-int main(int argc, char **argv)
+int
+main(int argc, char **argv)
  {
-       char *passphrase;
         char *message;
         
         gnome_init("GNOME ssh-askpass", "0.1", argc, argv);
@@ -124,11 +149,7 @@ int main(int argc, char **argv)
         else
                 message = "Enter your OpenSSH passphrase:";
  
-       if (passphrase_dialog(&passphrase, message))
-       {
-               puts(passphrase);
-               memset(passphrase, '\0', strlen(passphrase));
-       }
-       
+       setvbuf(stdout, 0, _IONBF, 0);
+       passphrase_dialog(message);
         return 0;
  }
author	djm <djm>
	Wed, 7 Jun 2000 10:08:19 +0000 (10:08 +0000)
committer	djm <djm>
	Wed, 7 Jun 2000 10:08:19 +0000 (10:08 +0000)
CREDITS		patch \| blob \| blame \| history
ChangeLog		patch \| blob \| blame \| history
contrib/gnome-ssh-askpass.c		patch \| blob \| blame \| history