-rw-r--r-- | core/applets/lockapplet/.cvsignore | 4 | ||||
-rw-r--r-- | core/applets/lockapplet/config.in | 4 | ||||
-rw-r--r-- | core/applets/lockapplet/lock.cpp | 84 | ||||
-rw-r--r-- | core/applets/lockapplet/lock.h | 36 | ||||
-rw-r--r-- | core/applets/lockapplet/lockapplet.pro | 12 | ||||
-rw-r--r-- | core/applets/lockapplet/opie-lockapplet.control | 11 | ||||
-rw-r--r-- | core/launcher/serverapp.cpp | 3 | ||||
-rw-r--r-- | core/settings/security/demo/main.cpp | 2 | ||||
-rw-r--r-- | core/settings/security/multiauthconfig.cpp | 20 | ||||
-rw-r--r-- | libopie2/opiesecurity/multiauthpassword.cpp | 47 | ||||
-rw-r--r-- | libopie2/opiesecurity/multiauthpassword.h | 10 | ||||
-rw-r--r-- | packages | 1 | ||||
-rw-r--r-- | pics/security/lock.png | bin | 0 -> 419 bytes |
13 files changed, 206 insertions, 28 deletions
diff --git a/core/applets/lockapplet/.cvsignore b/core/applets/lockapplet/.cvsignore new file mode 100644 index 0000000..5e2908c --- a/dev/null +++ b/core/applets/lockapplet/.cvsignore @@ -0,0 +1,4 @@ +Makefile* +.moc +.obj + diff --git a/core/applets/lockapplet/config.in b/core/applets/lockapplet/config.in new file mode 100644 index 0000000..ddc3522 --- a/dev/null +++ b/core/applets/lockapplet/config.in @@ -0,0 +1,4 @@ + config LOCKAPPLET + boolean "opie-lockapplet (button in the Opie menu to lock the PDA)" + default "y" + depends ( LIBQPE || LIBQPE-X11 ) && SECURITY diff --git a/core/applets/lockapplet/lock.cpp b/core/applets/lockapplet/lock.cpp new file mode 100644 index 0000000..89f27bb --- a/dev/null +++ b/core/applets/lockapplet/lock.cpp @@ -0,0 +1,84 @@ +#include "lock.h" + +/* OPIE */ +#include <opie2/multiauthpassword.h> + +#include <qpe/applnk.h> +#include <qpe/resource.h> + +/* QT */ +#include <qiconset.h> +#include <qpopupmenu.h> +#include <qmessagebox.h> + + +LockMenuApplet::LockMenuApplet() + :QObject( 0, "LockMenuApplet" ) +{ +} + +LockMenuApplet::~LockMenuApplet ( ) +{} + +int LockMenuApplet::position() const +{ + return 3; +} + +QString LockMenuApplet::name() const +{ + return tr( "Lock shortcut" ); +} + +QString LockMenuApplet::text() const +{ + return tr( "Lock" ); +} + + +QIconSet LockMenuApplet::icon() const +{ + QPixmap pix; + QImage img = Resource::loadImage( "security/lock" ); + if ( !img.isNull() ) + pix.convertFromImage( img.smoothScale( AppLnk::smallIconSize(), AppLnk::smallIconSize() ) ); + return pix; +} + +QPopupMenu* LockMenuApplet::popup(QWidget*) const +{ + /* no subdir */ + return 0; +} + +void LockMenuApplet::activated() +{ + /* + QMessageBox::information(0,tr("No white rabbit found"), + tr("<qt>No white rabbit was seen near Opie." + "Only the beautiful OpieZilla is available" + "for your pleassure</qt>")); + */ + Opie::Security::MultiauthPassword::authenticate(Opie::Security::LockNow); +} + + +QRESULT LockMenuApplet::queryInterface( const QUuid &uuid, QUnknownInterface **iface ) +{ + *iface = 0; + if ( uuid == IID_QUnknown ) + *iface = this; + else if ( uuid == IID_MenuApplet ) + *iface = this; + else + return QS_FALSE; + + if ( *iface ) + (*iface)->addRef(); + return QS_OK; +} + +Q_EXPORT_INTERFACE() +{ + Q_CREATE_INSTANCE( LockMenuApplet ) +} diff --git a/core/applets/lockapplet/lock.h b/core/applets/lockapplet/lock.h new file mode 100644 index 0000000..ff94bce --- a/dev/null +++ b/core/applets/lockapplet/lock.h @@ -0,0 +1,36 @@ +/** + * \file lock.h + * \brief defines a lock button that goes in the 'O' Opie menu + * It's based on the examples/menuapplet code of 2004/10/06. + */ +#ifndef CORE_SETTINGS_SECURITY_LOCKAPPLET_LOCK_H +#define CORE_SETTINGS_SECURITY_LOCKAPPLET_LOCK_H + +#include <qpe/menuappletinterface.h> +#include <qobject.h> + +class LockMenuApplet: public QObject, public MenuAppletInterface +{ + + Q_OBJECT + +public: + LockMenuApplet ( ); + virtual ~LockMenuApplet ( ); + + QRESULT queryInterface( const QUuid&, QUnknownInterface** ); + Q_REFCOUNT + + virtual int position() const; + + virtual QString name ( ) const; + virtual QIconSet icon ( ) const; + virtual QString text ( ) const; + /* virtual QString tr( const char* ) const; + virtual QString tr( const char*, const char* ) const; + */ + virtual QPopupMenu *popup ( QWidget *parent ) const; + virtual void activated ( ); +}; + +#endif diff --git a/core/applets/lockapplet/lockapplet.pro b/core/applets/lockapplet/lockapplet.pro new file mode 100644 index 0000000..e0ee780 --- a/dev/null +++ b/core/applets/lockapplet/lockapplet.pro @@ -0,0 +1,12 @@ +TEMPLATE = lib +CONFIG += qt plugn warn_on +HEADERS = lock.h +SOURCES = lock.cpp +TARGET = lockapplet +DESTDIR = $(OPIEDIR)/plugins/applets +INCLUDEPATH += $(OPIEDIR)/include +DEPENDPATH += $(OPIEDIR)/include +LIBS += -lqpe +VERSION = 1.0.0 + +include ( $(OPIEDIR)/include.pro ) diff --git a/core/applets/lockapplet/opie-lockapplet.control b/core/applets/lockapplet/opie-lockapplet.control new file mode 100644 index 0000000..e175a3e --- a/dev/null +++ b/core/applets/lockapplet/opie-lockapplet.control @@ -0,0 +1,11 @@ +Package: opie-lockapplet +Files: plugins/applets/liblockapplet.so* +Priority: optional +Section: opie/applets +Maintainer: Opie Team <opie@handhelds.org> +Architecture: arm +Depends: task-opie-minimal, opie-security +Description: Lock Opie now + Button to lock Opie (as configured in the Security + settings) on demand. +Version: $QPE_VERSION$EXTRAVERSION diff --git a/core/launcher/serverapp.cpp b/core/launcher/serverapp.cpp index dc1f2c7..e541d10 100644 --- a/core/launcher/serverapp.cpp +++ b/core/launcher/serverapp.cpp @@ -497,33 +497,34 @@ void ServerApplication::launcherMessage( const QCString & msg, const QByteArray stream >> k >> c >> m; kf -> registerKey( QCopKeyRegister(k, c, m) ); } } bool ServerApplication::screenLocked() { return loggedin == 0; } void ServerApplication::login(bool at_poweron) { if ( !loggedin ) { Global::terminateBuiltin("calibrate"); // No tr - Opie::Security::MultiauthPassword::authenticate(at_poweron); + int lockMode = at_poweron ? Opie::Security::IfPowerOn : Opie::Security::IfResume; + Opie::Security::MultiauthPassword::authenticate(lockMode); loggedin=1; #ifndef QT_NO_COP QCopEnvelope e( "QPE/Desktop", "unlocked()" ); #endif } } #if defined(QPE_HAVE_TOGGLELIGHT) #include <qtopia/config.h> #include <sys/ioctl.h> #include <sys/types.h> #include <fcntl.h> #include <unistd.h> #include <errno.h> #include <linux/ioctl.h> diff --git a/core/settings/security/demo/main.cpp b/core/settings/security/demo/main.cpp index 1c49f57..82f940d 100644 --- a/core/settings/security/demo/main.cpp +++ b/core/settings/security/demo/main.cpp @@ -1,12 +1,12 @@ #include <opie2/multiauthpassword.h> #include <opie2/oapplication.h> /// Run an authentication sequence using the global opie-security settings int main( int argc, char ** argv ) { Opie::Core::OApplication app(argc, argv, "Multi-authentication demo"); // Run the authentication process until it succeeds - Opie::Security::MultiauthPassword::authenticate(); + Opie::Security::MultiauthPassword::authenticate(Opie::Security::LockNow); } diff --git a/core/settings/security/multiauthconfig.cpp b/core/settings/security/multiauthconfig.cpp index 192b8ca..9d5c032 100644 --- a/core/settings/security/multiauthconfig.cpp +++ b/core/settings/security/multiauthconfig.cpp @@ -1,18 +1,18 @@ #include <opie2/odebug.h> -#include <opie2/multiauthmainwindow.h> +#include <opie2/multiauthpassword.h> #include <qgroupbox.h> #include <qvgroupbox.h> #include <qpe/resource.h> #include <qlayout.h> #include <qlabel.h> #include <qhbox.h> #include <qheader.h> #include <qvbox.h> #include <qwhatsthis.h> #include <qtoolbutton.h> #include <qstringlist.h> #include <qdir.h> #include <qpe/qlibrary.h> #include <qpe/qpeapplication.h> @@ -108,48 +108,34 @@ void MultiauthGeneralConfig::tryAuth() { QMessageBox confirmSave( tr("Attention"), "<p>" + tr("You must save your current settings before trying to authenticate. Press OK to accept and launch a simulated authentication process.") + "</p><p><em>" + tr("If you don't like the result of this test, don't forget to change your settings before you exit the configuration application!") + "</em></p>", QMessageBox::Warning, QMessageBox::Cancel, QMessageBox::Yes, QMessageBox::NoButton, 0, QString::null, TRUE, WStyle_StaysOnTop); confirmSave.setButtonText(QMessageBox::Cancel, tr("Cancel")); confirmSave.setButtonText(QMessageBox::Yes, tr("OK")); if ( confirmSave.exec() == QMessageBox::Yes) { owarn << "writing config as user accepted" << oendl; m_parentConfig->writeConfigs(); owarn << "testing authentication" << oendl; - - /* launch the authentication in debug, aka "allowBypass == true", mode - */ - - Opie::Security::MultiauthMainWindow win(true); - // resize the QDialog object so it fills all the screen - QRect desk = qApp->desktop()->geometry(); - win.setGeometry( 0, 0, desk.width(), desk.height() ); - - // the authentication has already succeeded (without win interactions) - if ( win.isAlreadyDone() ) - return; - - win.exec(); - - } + // launch the authentication in testing mode + Opie::Security::MultiauthPassword::authenticate(Opie::Security::TestNow); } /// Builds and displays the Opie multi-authentication configuration dialog static void test_and_start() { Config pcfg("Security"); pcfg.setGroup( "Misc" ); bool protectConfigDialog = ! pcfg.readBoolEntry("noProtectConfig", true); if (protectConfigDialog && Opie::Security::Internal::runPlugins() != 0) { owarn << "authentication failed, not showing opie-security" << oendl; exit( -1 ); } } diff --git a/libopie2/opiesecurity/multiauthpassword.cpp b/libopie2/opiesecurity/multiauthpassword.cpp index 42341f7..8eda554 100644 --- a/libopie2/opiesecurity/multiauthpassword.cpp +++ b/libopie2/opiesecurity/multiauthpassword.cpp @@ -40,66 +40,99 @@ #include <qpe/qcom.h> /* QT */ #include <qapplication.h> #include <qvbox.h> #include <qpushbutton.h> #include <qlabel.h> #include <qdir.h> #include "multiauthpassword.h" namespace Opie { namespace Security { /** - * If the users requires authentication... #fixme + * Tells if the users requires authentication (used internally to + * know whether to repaint the screen on resume) * - * @todo fix up at_poweron attribute + * \param at_poweron true if we are booting Opie, false if we are resuming it + * \return true if authenticate() launched right now would trigger an authentication */ bool MultiauthPassword::needToAuthenticate(bool at_poweron) { Config cfg("Security"); cfg.setGroup("Misc"); if ( !at_poweron && cfg.readBoolEntry("onStart", false) ) return true; else if ( at_poweron && cfg.readBoolEntry("onResume", false) ) return true; else return false; } + /** - * \brief Require user authentication to unlock and continue + * \brief Require (if configured so) user authentication to unlock and continue * * This method will check if you require authentication * and then will lock the screen and ask for a successful * authentication (explaining what it does or not, depending * on your local configuration). * It may go into an event loop, but anyhow it will only end * when the user has successfully authenticated to the system. */ -void MultiauthPassword::authenticate(bool at_poweron) +void MultiauthPassword::authenticate(int lockMode) { - if ( ! needToAuthenticate(at_poweron) ) - return; + /** + * \par Conditions + * + * If lockMode is an If, it's conditional: + * \li IfPowerOn will not trigger an authentication if + * onStart is set to false in Security.conf, + * \li IfResume will not trigger an authentication if + * onResume is set to false in Security.conf. + */ + if ( (lockMode == IfPowerOn) || (lockMode == IfResume) ) + { + Config cfg("Security"); + cfg.setGroup("Misc"); + if ( ( + (lockMode == IfPowerOn) && cfg.readBoolEntry("onStart", false) + ) || ( + (lockMode == IfResume) && cfg.readBoolEntry("onResume", false) + ) ) + return; + } + + /** + * \li TestNow will ensure that the authentication window will let + * people escape through the last screen (which they can reach skipping + * all the authentication steps) + * \li LockNow will always go on with the authentication, and won't let + * people escape. + */ + bool allowByPass = false; + + if (lockMode == TestNow) + allowByPass = true; /* Constructs the main window, which displays messages and blocks * access to the desktop */ - MultiauthMainWindow win; + MultiauthMainWindow win(allowByPass); // resize the QDialog object so it fills all the screen QRect desk = qApp->desktop()->geometry(); win.setGeometry( 0, 0, desk.width(), desk.height() ); // the authentication has already succeeded (without win interactions) if ( win.isAlreadyDone() ) return; win.exec(); } } } diff --git a/libopie2/opiesecurity/multiauthpassword.h b/libopie2/opiesecurity/multiauthpassword.h index fe276da..effdaa1 100644 --- a/libopie2/opiesecurity/multiauthpassword.h +++ b/libopie2/opiesecurity/multiauthpassword.h @@ -25,35 +25,41 @@ -. .:....=;==+<; You should have received a copy of the GNU -_. . . )=. = Library General Public License along with -- :-=` this library; see the file COPYING.LIB. If not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ #ifndef OPIE_SEC_MULTIAUTHPASSWORD_H #define OPIE_SEC_MULTIAUTHPASSWORD_H namespace Opie { namespace Security { +enum lockMode { + IfPowerOn, + IfResume, + TestNow, + LockNow }; /** * This is the dropin replacement for the libqpe Password class. * If you call authenticate() a widget will cover the whole screen * and only return if the user is able to authenticate with any of the * configured Authentication Plugins. * It uses the Opie::Security::MultiauthMainWindow QDialog internally. * * @author Clement Séveillac, Holger Freyther */ class MultiauthPassword { + public: - static bool needToAuthenticate( bool atpoweron = false ); - static void authenticate(bool atpoweron = false); + static void authenticate(int authMode = LockNow); + static bool needToAuthenticate( bool atpoweron = false ); }; } } #endif @@ -85,32 +85,33 @@ CONFIG_LIBOPIE2NET libopie2/opienet opienet.pro CONFIG_LIBOPIE2PIM libopie2/opiepim opiepim.pro CONFIG_LIBOPIE2SECURITY libopie2/opiesecurity opiesecurity.pro CONFIG_LIBOPIE2UI libopie2/opieui opieui.pro CONFIG_LIBOPIE libopie libopie.pro CONFIG_LIBOPIE_PIM libopie/pim pim.pro CONFIG_LIBOPIETOOTH noncore/net/opietooth/lib lib.pro CONFIG_LIBQPE library library.pro CONFIG_LIBQPE-X11 x11/libqpe-x11 libqpe-x11.pro CONFIG_LIBQRSYNC rsync rsync.pro CONFIG_LIBQTAUX libqtaux libqtaux.pro CONFIG_LIBSLCOMPAT libslcompat libslcompat.pro CONFIG_LIBSQL libsql libsql.pro CONFIG_LIBTREMOR core/multimedia/opieplayer/vorbis/tremor tremor.pro CONFIG_LIBTREMORPLUGIN core/multimedia/opieplayer/vorbis libtremor.pro CONFIG_LIGHT-AND-POWER core/settings/light-and-power light-and-power.pro CONFIG_LIQUID noncore/styles/liquid liquid.pro +CONFIG_LOCKAPPLET core/applets/lockapplet lockapplet.pro CONFIG_LOGOUTAPPLET core/applets/logoutapplet logoutapplet.pro CONFIG_MAIL3 noncore/net/mail mail.pro CONFIG_MAILAPPLET noncore/net/mail/taskbarapplet taskbarapplet.pro CONFIG_MAILIT noncore/unsupported/mailit mailit.pro CONFIG_MAIN_TAB_EXAMPLE examples/main-tab example.pro CONFIG_MEDIUMMOUNT noncore/settings/mediummount mediummount.pro CONFIG_MEMORYAPPLET noncore/applets/memoryapplet memoryapplet.pro CONFIG_METAL noncore/styles/metal metal.pro CONFIG_MINDBREAKER noncore/games/mindbreaker mindbreaker.pro CONFIG_MINESWEEP noncore/games/minesweep minesweep.pro CONFIG_MOBILEMSG noncore/comm/mobilemsg mobilemsg.pro CONFIG_MODPLUG core/multimedia/opieplayer/modplug modplug.pro CONFIG_MULTIAUTH_BLUEPING noncore/securityplugins/blueping bluepingplugin.pro CONFIG_MULTIAUTH_DUMMY noncore/securityplugins/dummy dummyplugin.pro CONFIG_MULTIAUTH_NOTICE noncore/securityplugins/notice noticeplugin.pro CONFIG_MULTIAUTH_PIN noncore/securityplugins/pin pinplugin.pro diff --git a/pics/security/lock.png b/pics/security/lock.png Binary files differnew file mode 100644 index 0000000..94d1dbc --- a/dev/null +++ b/pics/security/lock.png |