- (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg

<zack@wolery.cumb.org>
author: Damien Miller <djm@mindrot.org> 2000-06-07 20:08:19 +1000
committer: Damien Miller <djm@mindrot.org> 2000-06-07 20:08:19 +1000
commit: 5314ae7855f74a63c7151bab6495253d0d1c1150 (patch)
tree: 32e8268558a6a2f1b6f638618d50acb5ba9105f7
parent: d3a185709dfb8588ae7cacc079312d1fcc450e9c (diff)
3 files changed, 44 insertions, 20 deletions
diff --git a/CREDITS b/CREDITS
index 3539addc3..c59babe74 100644
--- a/CREDITS
+++ b/CREDITS
@@ -51,6 +51,7 @@ Thomas Neumann <tom@smart.ruhr.de> - Shadow passwords
 Tom Bertelson's <tbert@abac.com> - AIX auth fixes
 Tor-Ake Fransson <torake@hotmail.com> - AIX support
 Tudor Bosman <tudorb@jm.nu> - MD5 password support
+Zack Weinberg <zack@wolery.cumb.org> - GNOME askpass enhancement
 Apologies to anyone I have missed.
diff --git a/ChangeLog b/ChangeLog
index 997aa31d0..46a444280 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,8 @@
 20000606
 - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III 
   <tibbs@math.uh.edu>
+ - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg
+   <zack@wolery.cumb.org>
 - (djm) OpenBSD CVS updates:
  - todd@cvs.openbsd.org
    [sshconnect2.c]
diff --git a/contrib/gnome-ssh-askpass.c b/contrib/gnome-ssh-askpass.c
index fd537e676..5b6f65e88 100644
--- a/contrib/gnome-ssh-askpass.c
+++ b/contrib/gnome-ssh-askpass.c
@@ -49,7 +49,22 @@
 #include <X11/Xlib.h>
 #include <gdk/gdkx.h>
-int passphrase_dialog(char **passphrase_p, char *message)
+void
+report_failed_grab (void)
+{
+        GtkWidget *err;
+        err = gnome_message_box_new("Could not grab keyboard or mouse.\n"
+                "A malicious client may be eavesdropping on your session.",
+                                    GNOME_MESSAGE_BOX_ERROR, "EXIT", NULL);
+        gtk_window_set_position(GTK_WINDOW(err), GTK_WIN_POS_CENTER);
+        gtk_object_set(GTK_OBJECT(err), "type", GTK_WINDOW_POPUP, NULL);
+        gnome_dialog_run_and_close(GNOME_DIALOG(err));
+}
+void
+passphrase_dialog(char *message)
 {
        char *passphrase;
        int result;
@@ -80,41 +95,51 @@ int passphrase_dialog(char **passphrase_p, char *message)
        /* Grab focus */
        XGrabServer(GDK_DISPLAY());
-        gdk_pointer_grab(dialog->window, TRUE, 0, NULL, NULL, GDK_CURRENT_TIME);
+        if (gdk_pointer_grab(dialog->window, TRUE, 0,
-        gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME);
+                             NULL, NULL, GDK_CURRENT_TIME))
+                goto nograb;
+        if (gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME))
+                goto nograbkb;
        /* Make <enter> close dialog */
        gnome_dialog_editable_enters(GNOME_DIALOG(dialog), GTK_EDITABLE(entry));
        /* Run dialog */
        result = gnome_dialog_run(GNOME_DIALOG(dialog));
-                
        /* Ungrab */
        XUngrabServer(GDK_DISPLAY());
        gdk_pointer_ungrab(GDK_CURRENT_TIME);
        gdk_keyboard_ungrab(GDK_CURRENT_TIME);
        gdk_flush();
+        /* Report passphrase if user selected OK */
        passphrase = gtk_entry_get_text(GTK_ENTRY(entry));
+        if (result == 0)
-        /* Take copy of passphrase if user selected OK */
+                puts(passphrase);
-        if (result == 0)        
-                *passphrase_p = strdup(passphrase);
-        else
-                *passphrase_p = NULL;
                
-        /* Zero existing passphrase */
+        /* Zero passphrase in memory */
        memset(passphrase, '\0', strlen(passphrase));
        gtk_entry_set_text(GTK_ENTRY(entry), passphrase);
                        
        gnome_dialog_close(GNOME_DIALOG(dialog));
+        return;
-        return (result == 0);
+        /* At least one grab failed - ungrab what we got, and report
+           the failure to the user.  Note that XGrabServer() cannot
+           fail.  */
+ nograbkb:
+        gdk_pointer_ungrab(GDK_CURRENT_TIME);
+ nograb:
+        XUngrabServer(GDK_DISPLAY());
+        gnome_dialog_close(GNOME_DIALOG(dialog));
+        
+        report_failed_grab();
 }
-int main(int argc, char **argv)
+int
+main(int argc, char **argv)
 {
-        char *passphrase;
        char *message;
        
        gnome_init("GNOME ssh-askpass", "0.1", argc, argv);
@@ -124,11 +149,7 @@ int main(int argc, char **argv)
        else
                message = "Enter your OpenSSH passphrase:";
-        if (passphrase_dialog(&passphrase, message))
+        setvbuf(stdout, 0, _IONBF, 0);
-        {
+        passphrase_dialog(message);
-                puts(passphrase);
-                memset(passphrase, '\0', strlen(passphrase));
-        }
-        
        return 0;
 }
author	Damien Miller <djm@mindrot.org>	2000-06-07 20:08:19 +1000
committer	Damien Miller <djm@mindrot.org>	2000-06-07 20:08:19 +1000
commit	5314ae7855f74a63c7151bab6495253d0d1c1150 (patch)
tree	32e8268558a6a2f1b6f638618d50acb5ba9105f7
parent	d3a185709dfb8588ae7cacc079312d1fcc450e9c (diff)

diff --git a/CREDITS b/CREDITS index 3539addc3..c59babe74 100644 --- a/CREDITS +++ b/CREDITS
@@ -51,6 +51,7 @@ Thomas Neumann <tom@smart.ruhr.de> - Shadow passwords
51	Tom Bertelson's <tbert@abac.com> - AIX auth fixes	51	Tom Bertelson's <tbert@abac.com> - AIX auth fixes
52	Tor-Ake Fransson <torake@hotmail.com> - AIX support	52	Tor-Ake Fransson <torake@hotmail.com> - AIX support
53	Tudor Bosman <tudorb@jm.nu> - MD5 password support	53	Tudor Bosman <tudorb@jm.nu> - MD5 password support
		54	Zack Weinberg <zack@wolery.cumb.org> - GNOME askpass enhancement
54		55
55	Apologies to anyone I have missed.	56	Apologies to anyone I have missed.
56		57


diff --git a/ChangeLog b/ChangeLog index 997aa31d0..46a444280 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -1,6 +1,8 @@
1	20000606	1	20000606
2	- (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III	2	- (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III
3	<tibbs@math.uh.edu>	3	<tibbs@math.uh.edu>
		4	- (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg
		5	<zack@wolery.cumb.org>
4	- (djm) OpenBSD CVS updates:	6	- (djm) OpenBSD CVS updates:
5	- todd@cvs.openbsd.org	7	- todd@cvs.openbsd.org
6	[sshconnect2.c]	8	[sshconnect2.c]


diff --git a/contrib/gnome-ssh-askpass.c b/contrib/gnome-ssh-askpass.c index fd537e676..5b6f65e88 100644 --- a/contrib/gnome-ssh-askpass.c +++ b/contrib/gnome-ssh-askpass.c
@@ -49,7 +49,22 @@
49	#include <X11/Xlib.h>	49	#include <X11/Xlib.h>
50	#include <gdk/gdkx.h>	50	#include <gdk/gdkx.h>
51		51
52	int passphrase_dialog(char *passphrase_p, char message)	52	void
		53	report_failed_grab (void)
		54	{
		55	GtkWidget *err;
		56
		57	err = gnome_message_box_new("Could not grab keyboard or mouse.\n"
		58	"A malicious client may be eavesdropping on your session.",
		59	GNOME_MESSAGE_BOX_ERROR, "EXIT", NULL);
		60	gtk_window_set_position(GTK_WINDOW(err), GTK_WIN_POS_CENTER);
		61	gtk_object_set(GTK_OBJECT(err), "type", GTK_WINDOW_POPUP, NULL);
		62
		63	gnome_dialog_run_and_close(GNOME_DIALOG(err));
		64	}
		65
		66	void
		67	passphrase_dialog(char *message)
53	{	68	{
54	char *passphrase;	69	char *passphrase;
55	int result;	70	int result;
@@ -80,41 +95,51 @@ int passphrase_dialog(char *passphrase_p, char message)
80		95
81	/* Grab focus */	96	/* Grab focus */
82	XGrabServer(GDK_DISPLAY());	97	XGrabServer(GDK_DISPLAY());
83	gdk_pointer_grab(dialog->window, TRUE, 0, NULL, NULL, GDK_CURRENT_TIME);	98	if (gdk_pointer_grab(dialog->window, TRUE, 0,
84	gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME);	99	NULL, NULL, GDK_CURRENT_TIME))
		100	goto nograb;
		101	if (gdk_keyboard_grab(dialog->window, FALSE, GDK_CURRENT_TIME))
		102	goto nograbkb;
85		103
86	/* Make <enter> close dialog */	104	/* Make <enter> close dialog */
87	gnome_dialog_editable_enters(GNOME_DIALOG(dialog), GTK_EDITABLE(entry));	105	gnome_dialog_editable_enters(GNOME_DIALOG(dialog), GTK_EDITABLE(entry));
88		106
89	/* Run dialog */	107	/* Run dialog */
90	result = gnome_dialog_run(GNOME_DIALOG(dialog));	108	result = gnome_dialog_run(GNOME_DIALOG(dialog));
91		109
92	/* Ungrab */	110	/* Ungrab */
93	XUngrabServer(GDK_DISPLAY());	111	XUngrabServer(GDK_DISPLAY());
94	gdk_pointer_ungrab(GDK_CURRENT_TIME);	112	gdk_pointer_ungrab(GDK_CURRENT_TIME);
95	gdk_keyboard_ungrab(GDK_CURRENT_TIME);	113	gdk_keyboard_ungrab(GDK_CURRENT_TIME);
96	gdk_flush();	114	gdk_flush();
97		115
		116	/* Report passphrase if user selected OK */
98	passphrase = gtk_entry_get_text(GTK_ENTRY(entry));	117	passphrase = gtk_entry_get_text(GTK_ENTRY(entry));
99		118	if (result == 0)
100	/* Take copy of passphrase if user selected OK */	119	puts(passphrase);
101	if (result == 0)
102	*passphrase_p = strdup(passphrase);
103	else
104	*passphrase_p = NULL;
105		120
106	/* Zero existing passphrase */	121	/* Zero passphrase in memory */
107	memset(passphrase, '\0', strlen(passphrase));	122	memset(passphrase, '\0', strlen(passphrase));
108	gtk_entry_set_text(GTK_ENTRY(entry), passphrase);	123	gtk_entry_set_text(GTK_ENTRY(entry), passphrase);
109		124
110	gnome_dialog_close(GNOME_DIALOG(dialog));	125	gnome_dialog_close(GNOME_DIALOG(dialog));
		126	return;
111		127
112	return (result == 0);	128	/* At least one grab failed - ungrab what we got, and report
		129	the failure to the user. Note that XGrabServer() cannot
		130	fail. */
		131	nograbkb:
		132	gdk_pointer_ungrab(GDK_CURRENT_TIME);
		133	nograb:
		134	XUngrabServer(GDK_DISPLAY());
		135	gnome_dialog_close(GNOME_DIALOG(dialog));
		136
		137	report_failed_grab();
113	}	138	}
114		139
115	int main(int argc, char **argv)	140	int
		141	main(int argc, char **argv)
116	{	142	{
117	char *passphrase;
118	char *message;	143	char *message;
119		144
120	gnome_init("GNOME ssh-askpass", "0.1", argc, argv);	145	gnome_init("GNOME ssh-askpass", "0.1", argc, argv);
@@ -124,11 +149,7 @@ int main(int argc, char **argv)
124	else	149	else
125	message = "Enter your OpenSSH passphrase:";	150	message = "Enter your OpenSSH passphrase:";
126		151
127	if (passphrase_dialog(&passphrase, message))	152	setvbuf(stdout, 0, _IONBF, 0);
128	{	153	passphrase_dialog(message);
129	puts(passphrase);
130	memset(passphrase, '\0', strlen(passphrase));
131	}
132
133	return 0;	154	return 0;
134	}	155	}