Overview
Comment: | Updated to allow the Protected Authentication Path to be set only if an X server display is available |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | protected-auth-path |
Files: | files | file ages | folders |
SHA1: |
b6ea2dbe0a4049570437c0979278caee |
User & Date: | rkeene on 2013-08-14 03:55:08 |
Other Links: | branch diff | manifest | tags |
Context
2013-08-14
| ||
04:15 | Added start of script to ask for PIN via X11 check-in: 20ddc71853 user: rkeene tags: protected-auth-path | |
03:55 | Updated to allow the Protected Authentication Path to be set only if an X server display is available check-in: b6ea2dbe0a user: rkeene tags: protected-auth-path | |
03:48 | Added support for supplying a command to provide a PIN via standard output check-in: b6a0e30bff user: rkeene tags: protected-auth-path | |
Changes
Modified cackey.c from [1675cfdb33] to [b4f00ff994].
︙ | |||
867 868 869 870 871 872 873 | 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 | - - - - + + + - - + - | /** Extra certificates to include in token **/ struct cackey_pcsc_identity extra_certs[] = { #include "cackey_builtin_certs.h" }; /* Protected Authentication Path command */ |
︙ | |||
4131 4132 4133 4134 4135 4136 4137 4138 4139 4140 4141 4142 4143 4144 | 4128 4129 4130 4131 4132 4133 4134 4135 4136 4137 4138 4139 4140 4141 4142 4143 4144 4145 4146 4147 4148 4149 4150 4151 4152 4153 4154 4155 4156 | + + + + + + + + + + + + + + + | return(CKR_CANT_LOCK); } cackey_biglock_init = 1; } /* Define a command to prompt user for a PIN */ #ifdef CACKEY_PIN_COMMAND_DEFAULT cackey_pin_command = CACKEY_PIN_COMMAND_DEFAULT_XSTR(CACKEY_PIN_COMMAND_DEFAULT); #endif #ifdef CACKEY_PIN_COMMAND_XONLY_DEFAULT cackey_pin_command_xonly = CACKEY_PIN_COMMAND_DEFAULT_XSTR(CACKEY_PIN_COMMAND_XONLY_DEFAULT); #endif if (getenv("DISPLAY") != NULL) { cackey_pin_command = cackey_pin_command_xonly; } if (getenv("CACKEY_PIN_COMMAND_XONLY") != NULL && getenv("DISPLAY") != NULL) { cackey_pin_command = getenv("CACKEY_PIN_COMMAND_XONLY"); } if (getenv("CACKEY_PIN_COMMAND") != NULL) { cackey_pin_command = getenv("CACKEY_PIN_COMMAND"); } CACKEY_DEBUG_PRINTF("Returning CKR_OK (%i)", CKR_OK); return(CKR_OK); |
︙ |
Modified configure.ac from [0e5526103b] to [34fbe03317].
︙ | |||
156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 | 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 | + + + + + + + + + + | dnl Option to hard-code a command to run to request a PIN (enabling protected authentication path) AC_ARG_WITH(pin-command, AC_HELP_STRING([--with-pin-command=<command>], [Specify a command to run to request a PIN from the user. The user may override this with the CACKEY_PIN_COMMAND environment variable.]), [ pincommand="${withval}" ], [ pincommand="no" ]) AC_ARG_WITH(pin-command-x, AC_HELP_STRING([--with-pin-command-x=<command>], [Same as --with-pin-command, but only sets Protected Authentication Path if the DISPLAY environment variable is set]), [ pincommandxonly="${withval}" ], [ pincommandxonly="no" ]) if ! test "${pincommand}" = 'no'; then AC_DEFINE_UNQUOTED(CACKEY_PIN_COMMAND_DEFAULT, [$pincommand], [Command to run to prompt user for PIN]) fi if ! test "${pincommandxonly}" = 'no'; then AC_DEFINE_UNQUOTED(CACKEY_PIN_COMMAND_XONLY_DEFAULT, [$pincommandxonly], [Command to run to prompt user for PIN only if DISPLAY environment variable is set]) fi dnl Set version script, to limit the scope of symbols DC_SETVERSIONSCRIPT(libcackey.vers, libcackey.syms) dnl Upate LDFLAGS to include setting the run-time linker path to the same as our compile-time linker DC_SYNC_RPATH |
︙ |