Two UI improvements
* Mon Oct 18 2010 Miloslav Trmač <mitr@redhat.com> - 0.3.4-4 - Tell the user if asking for the same passphrase again Resolves: #641111 - Check certificate file before interacting with the user Resolves: #643897
This commit is contained in:
parent
f93fc197bb
commit
4886de908b
|
@ -0,0 +1,79 @@
|
|||
Subject: [PATCH] Report certificate errors sooner.
|
||||
|
||||
2010-10-18 Miloslav Trmač <mitr@redhat.com>
|
||||
|
||||
* src/volume_key.c (pos_interact): Split from pos_init ().
|
||||
(do_save, do_reencrypt): Call pos_init () as early as possible. Use
|
||||
pos_interact () at the original location.
|
||||
diff --git a/src/volume_key.c b/src/volume_key.c
|
||||
index 855956f..83d9a02 100644
|
||||
--- a/src/volume_key.c
|
||||
+++ b/src/volume_key.c
|
||||
@@ -601,7 +601,7 @@ struct packet_output_state
|
||||
char *passphrase;
|
||||
};
|
||||
|
||||
-/* Init POS.
|
||||
+/* Init POS, without user interaction.
|
||||
Return 0 if OK, -1 on error. */
|
||||
static int
|
||||
pos_init (struct packet_output_state *pos, GError **error)
|
||||
@@ -635,6 +635,22 @@ pos_init (struct packet_output_state *pos, GError **error)
|
||||
}
|
||||
else
|
||||
{
|
||||
+ /* Will ask for passphrase in pos_interact */
|
||||
+ }
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+/* Interact with the user about POS.
|
||||
+ Return 0 if OK, -1 on error. */
|
||||
+static int
|
||||
+pos_interact (struct packet_output_state *pos, GError **error)
|
||||
+{
|
||||
+ if (output_format_cleartext != 0 || output_certificate != NULL)
|
||||
+ {
|
||||
+ /* Nothing - pos_init () is enough. */
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
char *passphrase;
|
||||
unsigned failed;
|
||||
|
||||
@@ -805,6 +821,9 @@ do_save (int argc, char *argv[])
|
||||
error_exit (_("Usage: %s --save VOLUME [PACKET]"), g_get_prgname ());
|
||||
|
||||
error = NULL;
|
||||
+ if (pos_init (&pos, &error) != 0)
|
||||
+ error_exit ("%s", error->message);
|
||||
+
|
||||
v = libvk_volume_open (argv[1], &error);
|
||||
if (v == NULL)
|
||||
error_exit (_("Error opening `%s': %s"), argv[1], error->message);
|
||||
@@ -824,7 +843,7 @@ do_save (int argc, char *argv[])
|
||||
else if (libvk_volume_get_secret (v, LIBVK_SECRET_DEFAULT, ui, &error) != 0)
|
||||
error_exit (_("Error opening `%s': %s"), argv[1], error->message);
|
||||
|
||||
- if (pos_init (&pos, &error) != 0
|
||||
+ if (pos_interact (&pos, &error) != 0
|
||||
|| output_packet (&pos, v, ui, &error) != 0)
|
||||
error_exit ("%s", error->message);
|
||||
if (output_created_random_passphrase != NULL)
|
||||
@@ -1007,12 +1026,15 @@ do_reencrypt (int argc, char *argv[])
|
||||
error_exit (_("Usage: %s --%s PACKET"), g_get_prgname (), "reencrypt");
|
||||
|
||||
error = NULL;
|
||||
+ if (pos_init (&pos, &error) != 0)
|
||||
+ error_exit ("%s", error->message);
|
||||
+
|
||||
ui = create_ui ();
|
||||
pack = open_packet_file (argv[1], ui, &error);
|
||||
if (pack == NULL)
|
||||
error_exit ("%s", error->message);
|
||||
|
||||
- if (pos_init (&pos, &error) != 0
|
||||
+ if (pos_interact (&pos, &error) != 0
|
||||
|| output_packet (&pos, pack, ui, &error) != 0)
|
||||
error_exit ("%s", error->message);
|
||||
pos_free (&pos);
|
|
@ -0,0 +1,59 @@
|
|||
Subject: [PATCH 1/2] Tell the user when a non-NSS passphrase is incorrect.
|
||||
|
||||
2010-10-18 Miloslav Trmač <mitr@redhat.com>
|
||||
|
||||
* src/volume_key.c (passphrase_ui_cb): Tell the user when a non-NSS
|
||||
passphrase is incorrect.
|
||||
diff --git a/src/volume_key.c b/src/volume_key.c
|
||||
index 7f9f391..c9c4bca 100644
|
||||
--- a/src/volume_key.c
|
||||
+++ b/src/volume_key.c
|
||||
@@ -545,6 +545,8 @@ passphrase_ui_cb (void *data, const char *prompt, unsigned failed_attempts)
|
||||
return NULL;
|
||||
return read_batch_string ();
|
||||
}
|
||||
+ if (failed_attempts != 0)
|
||||
+ fprintf (stderr, _("Error, try again.\n"));
|
||||
s = g_strdup_printf (_("%s: "), prompt);
|
||||
res = get_password (s);
|
||||
g_free (s);
|
||||
--
|
||||
|
||||
2010-10-18 Miloslav Trmač <mitr@redhat.com>
|
||||
|
||||
* lib/volume_luks.c (luks_apply_secret)
|
||||
* src/volume_key.c (pos_interact): Only tell the user about an incorrect
|
||||
passphrase once.
|
||||
diff --git a/lib/volume_luks.c b/lib/volume_luks.c
|
||||
index 4561a43..4650464 100644
|
||||
--- a/lib/volume_luks.c
|
||||
+++ b/lib/volume_luks.c
|
||||
@@ -481,7 +481,9 @@ luks_apply_secret (struct libvk_volume *vol, const struct libvk_volume *packet,
|
||||
failed, error);
|
||||
if (passphrase == NULL)
|
||||
goto err_prompts;
|
||||
- passphrase2 = ui_get_passphrase (ui, prompt2, failed, error);
|
||||
+ /* The repeated passphrase is always considered a first attempt -
|
||||
+ otherwise src/volume_key.c would prepend "Error, try again". */
|
||||
+ passphrase2 = ui_get_passphrase (ui, prompt2, 0, error);
|
||||
if (passphrase2 == NULL)
|
||||
goto err_passphrase;
|
||||
passphrase_ok = strcmp (passphrase, passphrase2) == 0;
|
||||
diff --git a/src/volume_key.c b/src/volume_key.c
|
||||
index c9c4bca..855956f 100644
|
||||
--- a/src/volume_key.c
|
||||
+++ b/src/volume_key.c
|
||||
@@ -652,9 +652,10 @@ pos_init (struct packet_output_state *pos, GError **error)
|
||||
"New packet passphrase"), failed);
|
||||
if (passphrase == NULL)
|
||||
goto no_passphrase;
|
||||
+ /* The repeated passphrase is always considered a first attempt -
|
||||
+ otherwise passphrase_ui_cb would prepend "Error, try again". */
|
||||
passphrase2 = passphrase_ui_cb (NULL,
|
||||
- _("Repeat new packet passphrase"),
|
||||
- failed);
|
||||
+ _("Repeat new packet passphrase"), 0);
|
||||
if (passphrase2 == NULL)
|
||||
{
|
||||
memset (passphrase, 0, strlen (passphrase));
|
||||
--
|
|
@ -3,7 +3,7 @@
|
|||
Summary: An utility for manipulating storage encryption keys and passphrases
|
||||
Name: volume_key
|
||||
Version: 0.3.4
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
License: GPLv2
|
||||
Group: Applications/System
|
||||
URL: https://fedorahosted.org/volume_key/
|
||||
|
@ -16,6 +16,11 @@ Patch0: volume_key-0.3.4-volume-doc.patch
|
|||
Patch1: volume_key-0.3.4-ssl-errors.patch
|
||||
# Upstream commit 82f476f614ff8492231e730b6ceffaa7242481cc
|
||||
Patch2: volume_key-0.3.4-getpass.patch
|
||||
# Upstream commits b66602b8ef4e6ef8325c0b97fce821e183a2ae84,
|
||||
# 1dcafdcd6f3097487b92f86e9db3e5412c266ee5
|
||||
Patch3: volume_key-0.3.4-passphrase-ui.patch
|
||||
# Upstream commit 40e5330c076f9f4e149c2091900602d3de41b119
|
||||
Patch4: volume_key-0.3.4-cert-errors.patch
|
||||
BuildRequires: cryptsetup-luks-devel, gettext-devel, glib2-devel, gnupg
|
||||
BuildRequires: gpgme-devel, libblkid-devel, nss-devel, python-devel
|
||||
|
||||
|
@ -82,6 +87,8 @@ for other formats is possible, some formats are planned for future releases.
|
|||
%patch0 -p1 -b .volume-doc
|
||||
%patch1 -p1 -b .ssl-errors
|
||||
%patch2 -p1 -b .getpass
|
||||
%patch3 -p1 -b .passphrase-ui
|
||||
%patch4 -p1 -b .cert-errors
|
||||
|
||||
%build
|
||||
%configure
|
||||
|
@ -122,6 +129,12 @@ rm -rf $RPM_BUILD_ROOT
|
|||
%{python_sitearch}/volume_key.py*
|
||||
|
||||
%changelog
|
||||
* Mon Oct 18 2010 Miloslav Trmač <mitr@redhat.com> - 0.3.4-4
|
||||
- Tell the user if asking for the same passphrase again
|
||||
Resolves: #641111
|
||||
- Check certificate file before interacting with the user
|
||||
Resolves: #643897
|
||||
|
||||
* Fri Oct 8 2010 Miloslav Trmač <mitr@redhat.com> - 0.3.4-3
|
||||
- Make it possible to interrupt password prompts
|
||||
Resolves: #641111
|
||||
|
|
Loading…
Reference in New Issue