summaryrefslogtreecommitdiffstats
path: root/src/kim/lib/kim_ui.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/kim/lib/kim_ui.c')
-rw-r--r--src/kim/lib/kim_ui.c274
1 files changed, 132 insertions, 142 deletions
diff --git a/src/kim/lib/kim_ui.c b/src/kim/lib/kim_ui.c
index 36920144e..a87e150ba 100644
--- a/src/kim/lib/kim_ui.c
+++ b/src/kim/lib/kim_ui.c
@@ -31,71 +31,15 @@
static kim_prompt_type kim_ui_ptype2ktype (krb5_prompt_type type)
{
- switch (type) {
- case KRB5_PROMPT_TYPE_PASSWORD:
- return kim_prompt_type_password;
-
- case KRB5_PROMPT_TYPE_PREAUTH:
- return kim_prompt_type_preauth;
+ if (type == KRB5_PROMPT_TYPE_PASSWORD) {
+ return kim_prompt_type_password;
+
+ } else if (type == KRB5_PROMPT_TYPE_PREAUTH) {
+ return kim_prompt_type_preauth;
}
return kim_prompt_type_preauth;
}
-/* ------------------------------------------------------------------------ */
-/* Set the identity field in your context and pass the context as the data */
-
-krb5_error_code kim_ui_prompter (krb5_context in_krb5_context,
- void *in_context,
- const char *in_name,
- const char *in_banner,
- int in_num_prompts,
- krb5_prompt in_prompts[])
-{
- kim_error err = KIM_NO_ERROR;
- krb5_prompt_type *types = NULL;
- kim_ui_context *context = (kim_ui_context *) in_context;
- int i;
-
- if (!err && !in_krb5_context) { err = check_error (KIM_NULL_PARAMETER_ERR); }
- if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
- if (!err && !in_prompts ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
-
- if (!err) {
- types = krb5_get_prompt_types (in_krb5_context);
- if (!types) { err = check_error (KIM_NULL_PARAMETER_ERR); }
- }
-
- for (i = 0; !err && i < in_num_prompts; i++) {
- char *reply = NULL;
-
- err = kim_ui_auth_prompt (context,
- context->identity,
- kim_ui_ptype2ktype (types[i]),
- in_prompts[i].hidden,
- in_name,
- in_banner,
- in_prompts[i].prompt,
- &reply);
-
- if (!err) {
- uint32_t reply_len = strlen (reply);
-
- if ((reply_len + 1) > in_prompts[i].reply->length) {
- kim_debug_printf ("%s(): reply %d is too long (is %d, should be %d)\n",
- __FUNCTION__, i,
- reply_len, in_prompts[i].reply->length);
- reply_len = in_prompts[i].reply->length;
- }
-
- memmove (in_prompts[i].reply->data, reply, reply_len + 1);
- in_prompts[i].reply->length = reply_len;
- }
-
- kim_ui_free_string (context, &reply);
- }
-
- return check_error (err);
-}
#pragma mark -
@@ -110,7 +54,7 @@ kim_error kim_ui_init (kim_ui_context *io_context)
if (!err) {
#ifndef LEAN_CLIENT
kim_ui_environment environment = kim_library_ui_environment ();
-
+
if (environment == KIM_UI_ENVIRONMENT_GUI) {
#endif /* LEAN_CLIENT */
io_context->type = kim_ui_type_gui_plugin;
@@ -120,9 +64,9 @@ kim_error kim_ui_init (kim_ui_context *io_context)
if (err) {
io_context->type = kim_ui_type_gui_builtin;
- err = kim_ui_gui_init ((kim_ui_gui_context *) &io_context->tcontext);
+ err = kim_os_ui_gui_init ((kim_ui_gui_context *) &io_context->tcontext);
}
-
+
} else if (environment == KIM_UI_ENVIRONMENT_CLI) {
io_context->type = kim_ui_type_cli;
@@ -134,7 +78,11 @@ kim_error kim_ui_init (kim_ui_context *io_context)
err = check_error (KIM_NO_UI_ERR);
}
#endif /* LEAN_CLIENT */
- }
+ }
+
+ if (!err) {
+ io_context->identity = NULL;
+ }
return check_error (err);
}
@@ -156,8 +104,8 @@ kim_error kim_ui_enter_identity (kim_ui_context *in_context,
#ifndef LEAN_CLIENT
} else if (in_context->type == kim_ui_type_gui_builtin) {
- err = kim_ui_gui_enter_identity ((kim_ui_gui_context) in_context->tcontext,
- out_identity);
+ err = kim_os_ui_gui_enter_identity ((kim_ui_gui_context) in_context->tcontext,
+ out_identity);
} else if (in_context->type == kim_ui_type_cli) {
err = kim_ui_cli_enter_identity ((kim_ui_cli_context) in_context->tcontext,
@@ -193,9 +141,9 @@ kim_error kim_ui_select_identity (kim_ui_context *in_context,
#ifndef LEAN_CLIENT
} else if (in_context->type == kim_ui_type_gui_builtin) {
- err = kim_ui_gui_select_identity ((kim_ui_gui_context) in_context->tcontext,
- in_hints,
- out_identity);
+ err = kim_os_ui_gui_select_identity ((kim_ui_gui_context) in_context->tcontext,
+ in_hints,
+ out_identity);
} else if (in_context->type == kim_ui_type_cli) {
err = kim_ui_cli_select_identity ((kim_ui_cli_context) in_context->tcontext,
@@ -213,58 +161,103 @@ kim_error kim_ui_select_identity (kim_ui_context *in_context,
}
/* ------------------------------------------------------------------------ */
+/* Set the identity field in your context and pass the context as the data */
-kim_error kim_ui_auth_prompt (kim_ui_context *in_context,
- kim_identity in_identity,
- kim_prompt_type in_type,
- kim_boolean in_hide_reply,
- kim_string in_title,
- kim_string in_message,
- kim_string in_description,
- char **out_reply)
+krb5_error_code kim_ui_prompter (krb5_context in_krb5_context,
+ void *in_context,
+ const char *in_name,
+ const char *in_banner,
+ int in_num_prompts,
+ krb5_prompt in_prompts[])
{
kim_error err = KIM_NO_ERROR;
+ krb5_prompt_type *types = NULL;
+ kim_ui_context *context = (kim_ui_context *) in_context;
+ int i;
- if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
- if (!err && !in_identity) { err = check_error (KIM_NULL_PARAMETER_ERR); }
- if (!err && !out_reply ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
- /* in_title, in_message or in_description may be NULL */
+ if (!err && !in_krb5_context) { err = check_error (KIM_NULL_PARAMETER_ERR); }
+ if (!err && !in_context ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
+ if (!err && !in_prompts ) { err = check_error (KIM_NULL_PARAMETER_ERR); }
if (!err) {
- if (in_context->type == kim_ui_type_gui_plugin) {
- err = kim_ui_plugin_auth_prompt ((kim_ui_plugin_context) in_context->tcontext,
- in_identity,
- in_type,
- in_hide_reply,
- in_title,
- in_message,
- in_description,
- out_reply);
-
-#ifndef LEAN_CLIENT
- } else if (in_context->type == kim_ui_type_gui_builtin) {
- err = kim_ui_gui_auth_prompt ((kim_ui_gui_context) in_context->tcontext,
- in_identity,
- in_type,
- in_hide_reply,
- in_title,
- in_message,
- in_description,
- out_reply);
+ types = krb5_get_prompt_types (in_krb5_context);
+ if (!types) { err = check_error (KIM_NULL_PARAMETER_ERR); }
+ }
+
+ for (i = 0; !err && i < in_num_prompts; i++) {
+ char *reply = NULL;
+ kim_prompt_type type = kim_ui_ptype2ktype (types[i]);
+ kim_boolean got_saved_password = 0;
+
+ if (type == kim_prompt_type_password) {
+ /* Check for saved password on OSes that support it */
+ kim_error terr = KIM_NO_ERROR;
- } else if (in_context->type == kim_ui_type_cli) {
- err = kim_ui_cli_auth_prompt ((kim_ui_cli_context) in_context->tcontext,
- in_identity,
- in_type,
- in_hide_reply,
- in_title,
- in_message,
- in_description,
- out_reply);
+ terr = kim_os_identity_get_saved_password (context->identity,
+ (kim_string *) &reply);
+ if (!terr) { got_saved_password = 1; }
+ }
+
+ if (!got_saved_password) {
+ if (context->type == kim_ui_type_gui_plugin) {
+ err = kim_ui_plugin_auth_prompt ((kim_ui_plugin_context) context->tcontext,
+ context->identity,
+ type,
+ in_prompts[i].hidden,
+ in_name,
+ in_banner,
+ in_prompts[i].prompt,
+ &reply);
+
+#ifndef LEAN_CLIENT
+ } else if (context->type == kim_ui_type_gui_builtin) {
+ err = kim_os_ui_gui_auth_prompt ((kim_ui_gui_context) context->tcontext,
+ context->identity,
+ type,
+ in_prompts[i].hidden,
+ in_name,
+ in_banner,
+ in_prompts[i].prompt,
+ &reply);
+
+ } else if (context->type == kim_ui_type_cli) {
+ err = kim_ui_cli_auth_prompt ((kim_ui_cli_context) context->tcontext,
+ context->identity,
+ type,
+ in_prompts[i].hidden,
+ in_name,
+ in_banner,
+ in_prompts[i].prompt,
+ &reply);
#endif /* LEAN_CLIENT */
+
+ } else {
+ err = check_error (KIM_NO_UI_ERR);
+ }
+ }
+
+ if (!err) {
+ uint32_t reply_len = strlen (reply);
- } else {
- err = check_error (KIM_NO_UI_ERR);
+ if ((reply_len + 1) > in_prompts[i].reply->length) {
+ kim_debug_printf ("%s(): reply %d is too long (is %d, should be %d)\n",
+ __FUNCTION__, i,
+ reply_len, in_prompts[i].reply->length);
+ reply_len = in_prompts[i].reply->length;
+ }
+
+ memmove (in_prompts[i].reply->data, reply, reply_len + 1);
+ in_prompts[i].reply->length = reply_len;
+ }
+
+ /* Clean up reply buffer. Saved passwords are allocated by KIM. */
+ if (reply) {
+ memset (reply, '\0', strlen (reply));
+ if (got_saved_password) {
+ kim_string_free ((kim_string *) &reply);
+ } else {
+ kim_ui_free_string (context, &reply);
+ }
}
}
@@ -299,12 +292,12 @@ kim_error kim_ui_change_password (kim_ui_context *in_context,
#ifndef LEAN_CLIENT
} else if (in_context->type == kim_ui_type_gui_builtin) {
- err = kim_ui_gui_change_password ((kim_ui_gui_context) in_context->tcontext,
- in_identity,
- in_old_password_expired,
- out_old_password,
- out_new_password,
- out_verify_password);
+ err = kim_os_ui_gui_change_password ((kim_ui_gui_context) in_context->tcontext,
+ in_identity,
+ in_old_password_expired,
+ out_old_password,
+ out_new_password,
+ out_verify_password);
} else if (in_context->type == kim_ui_type_cli) {
err = kim_ui_cli_change_password ((kim_ui_cli_context) in_context->tcontext,
@@ -313,14 +306,13 @@ kim_error kim_ui_change_password (kim_ui_context *in_context,
out_old_password,
out_new_password,
out_verify_password);
-
#endif /* LEAN_CLIENT */
} else {
err = check_error (KIM_NO_UI_ERR);
}
}
-
+
return check_error (err);
}
@@ -338,14 +330,14 @@ kim_error kim_ui_handle_kim_error (kim_ui_context *in_context,
if (!err) {
/* Do this first so last error doesn't get overwritten */
- err = kim_string_get_last_error_message (&description, in_error);
+ err = kim_string_create_for_last_error (&description, in_error);
}
if (!err && !in_context) { err = check_error (KIM_NULL_PARAMETER_ERR); }
if (!err) {
kim_string key = NULL;
-
+
switch (in_type) {
case kim_ui_error_type_authentication:
key = "KLStringLoginFailed";
@@ -361,7 +353,7 @@ kim_error kim_ui_handle_kim_error (kim_ui_context *in_context,
key = "KLStringKerberosOperationFailed";
break;
}
-
+
err = kim_os_string_create_localized (&message, key);
}
@@ -393,25 +385,25 @@ kim_error kim_ui_handle_error (kim_ui_context *in_context,
if (!err) {
if (in_context->type == kim_ui_type_gui_plugin) {
err = kim_ui_plugin_handle_error ((kim_ui_plugin_context) in_context->tcontext,
- in_identity,
- in_error,
- in_error_message,
- in_error_description);
+ in_identity,
+ in_error,
+ in_error_message,
+ in_error_description);
#ifndef LEAN_CLIENT
} else if (in_context->type == kim_ui_type_gui_builtin) {
- err = kim_ui_gui_handle_error ((kim_ui_gui_context) in_context->tcontext,
- in_identity,
- in_error,
- in_error_message,
- in_error_description);
+ err = kim_os_ui_gui_handle_error ((kim_ui_gui_context) in_context->tcontext,
+ in_identity,
+ in_error,
+ in_error_message,
+ in_error_description);
} else if (in_context->type == kim_ui_type_cli) {
err = kim_ui_cli_handle_error ((kim_ui_cli_context) in_context->tcontext,
- in_identity,
- in_error,
- in_error_message,
- in_error_description);
+ in_identity,
+ in_error,
+ in_error_message,
+ in_error_description);
#endif /* LEAN_CLIENT */
} else {
@@ -434,8 +426,8 @@ void kim_ui_free_string (kim_ui_context *in_context,
#ifndef LEAN_CLIENT
} else if (in_context->type == kim_ui_type_gui_builtin) {
- kim_ui_gui_free_string ((kim_ui_gui_context) in_context->tcontext,
- io_string);
+ kim_os_ui_gui_free_string ((kim_ui_gui_context) in_context->tcontext,
+ io_string);
} else if (in_context->type == kim_ui_type_cli) {
kim_ui_cli_free_string ((kim_ui_cli_context) in_context->tcontext,
@@ -455,14 +447,12 @@ kim_error kim_ui_fini (kim_ui_context *io_context)
if (!err && !io_context) { err = check_error (KIM_NULL_PARAMETER_ERR); }
if (!err) {
- kim_identity_free (&io_context->identity);
-
if (io_context->type == kim_ui_type_gui_plugin) {
err = kim_ui_plugin_fini ((kim_ui_plugin_context *) &io_context->tcontext);
#ifndef LEAN_CLIENT
} else if (io_context->type == kim_ui_type_gui_builtin) {
- err = kim_ui_gui_fini ((kim_ui_gui_context *) &io_context->tcontext);
+ err = kim_os_ui_gui_fini ((kim_ui_gui_context *) &io_context->tcontext);
} else if (io_context->type == kim_ui_type_cli) {
err = kim_ui_cli_fini ((kim_ui_cli_context *) &io_context->tcontext);
generated by cgit (git 2.34.1) at 2025-10-15 22:21:11 +0000