static void fix_login_keyring_if_unlock_failed (GkmWrapPrompt *self, const gchar *password) { CK_OBJECT_CLASS klass = CKO_G_CREDENTIAL; CK_OBJECT_HANDLE cred; CK_BBOOL tval = CK_TRUE; CK_ATTRIBUTE attrs[4]; gchar *failed; CK_RV rv; failed = gkm_wrap_login_steal_failed_password (); /* Do we have a failed unlock password? */ if (!failed || !failed[0]) { egg_secure_strfree (failed); return; } attrs[0].type = CKA_CLASS; attrs[0].pValue = &klass; attrs[0].ulValueLen = sizeof (klass); attrs[1].type = CKA_VALUE; attrs[1].pValue = failed; attrs[1].ulValueLen = strlen (failed); attrs[2].type = CKA_MATE_TRANSIENT; attrs[2].pValue = &tval; attrs[2].ulValueLen = sizeof (tval); attrs[3].type = CKA_TOKEN; attrs[3].pValue = &tval; attrs[3].ulValueLen = sizeof (tval); /* Create a credential object for the failed password */ rv = (self->module->C_CreateObject) (self->session, attrs, G_N_ELEMENTS (attrs), &cred); egg_secure_strfree (failed); if (rv != CKR_OK) { g_warning ("couldn't create credential to fix login password: %s", gkm_util_rv_to_string (rv)); return; } attrs[0].type = CKA_G_CREDENTIAL; attrs[0].pValue = &cred; attrs[0].ulValueLen = sizeof (cred); /* Set the credential on the object */ rv = (self->module->C_SetAttributeValue) (self->session, self->object, attrs, 1); if (rv != CKR_OK) { g_warning ("couldn't change credential to fix login keyring password: %s", gkm_util_rv_to_string (rv)); return; } g_message ("fixed login keyring password to match login password"); }
gboolean gkd_gpg_agent_ops_getpass (GkdGpgAgentCall *call, gchar *args) { gchar *id; gchar *errmsg; gchar *prompt; gchar *description; GckSession *session; gchar *password; gchar *encoded; guint32 flags; /* We don't answer this unless it's from the right terminal */ if (!call->terminal_ok) { g_message ("received passphrase request from wrong terminal"); return gkd_gpg_agent_send_reply (call, FALSE, "113 Server Resource Problem"); } split_arguments (args, &flags, &id, &errmsg, &prompt, &description, NULL); if (!id || !errmsg || !prompt || !description) { g_message ("received invalid passphrase request"); return gkd_gpg_agent_send_reply (call, FALSE, "105 parameter error"); } if (is_null_argument (id)) id = NULL; if (is_null_argument (errmsg)) errmsg = NULL; if (is_null_argument (prompt)) prompt = NULL; if (is_null_argument (description)) description = NULL; session = gkd_gpg_agent_checkout_main_session (); g_return_val_if_fail (session, FALSE); password = do_get_password (session, id, errmsg, prompt, description, flags & GKD_GPG_AGENT_REPEAT); gkd_gpg_agent_checkin_main_session (session); if (password == NULL) { gkd_gpg_agent_send_reply (call, FALSE, "111 cancelled"); } else if (flags & GKD_GPG_AGENT_PASS_AS_DATA) { encoded = uri_encode_password (password); gkd_gpg_agent_send_data (call, encoded); gkd_gpg_agent_send_reply (call, TRUE, NULL); egg_secure_strfree (encoded); } else { encoded = hex_encode_password (password); gkd_gpg_agent_send_reply (call, TRUE, encoded); egg_secure_strfree (encoded); } egg_secure_strfree (password); return TRUE; }
static void clear_login_password (void) { if(login_password) egg_secure_strfree (login_password); login_password = NULL; }