[volume_key/f14/master] Two UI improvements
Miloslav Trmac
mitr at fedoraproject.org
Mon Oct 18 15:45:35 UTC 2010
commit 4886de908b384d03ae2405c97a9245831005894d
Author: Miloslav Trmač <mitr at redhat.com>
Date: Mon Oct 18 17:45:07 2010 +0200
Two UI improvements
* Mon Oct 18 2010 Miloslav Trmač <mitr at redhat.com> - 0.3.4-4
- Tell the user if asking for the same passphrase again
Resolves: #641111
- Check certificate file before interacting with the user
Resolves: #643897
volume_key-0.3.4-cert-errors.patch | 79 ++++++++++++++++++++++++++++++++++
volume_key-0.3.4-passphrase-ui.patch | 59 +++++++++++++++++++++++++
volume_key.spec | 15 ++++++-
3 files changed, 152 insertions(+), 1 deletions(-)
---
diff --git a/volume_key-0.3.4-cert-errors.patch b/volume_key-0.3.4-cert-errors.patch
new file mode 100644
index 0000000..6bc2aa9
--- /dev/null
+++ b/volume_key-0.3.4-cert-errors.patch
@@ -0,0 +1,79 @@
+Subject: [PATCH] Report certificate errors sooner.
+
+2010-10-18 Miloslav Trmač <mitr at redhat.com>
+
+ * src/volume_key.c (pos_interact): Split from pos_init ().
+ (do_save, do_reencrypt): Call pos_init () as early as possible. Use
+ pos_interact () at the original location.
+diff --git a/src/volume_key.c b/src/volume_key.c
+index 855956f..83d9a02 100644
+--- a/src/volume_key.c
++++ b/src/volume_key.c
+@@ -601,7 +601,7 @@ struct packet_output_state
+ char *passphrase;
+ };
+
+-/* Init POS.
++/* Init POS, without user interaction.
+ Return 0 if OK, -1 on error. */
+ static int
+ pos_init (struct packet_output_state *pos, GError **error)
+@@ -635,6 +635,22 @@ pos_init (struct packet_output_state *pos, GError **error)
+ }
+ else
+ {
++ /* Will ask for passphrase in pos_interact */
++ }
++ return 0;
++}
++
++/* Interact with the user about POS.
++ Return 0 if OK, -1 on error. */
++static int
++pos_interact (struct packet_output_state *pos, GError **error)
++{
++ if (output_format_cleartext != 0 || output_certificate != NULL)
++ {
++ /* Nothing - pos_init () is enough. */
++ }
++ else
++ {
+ char *passphrase;
+ unsigned failed;
+
+@@ -805,6 +821,9 @@ do_save (int argc, char *argv[])
+ error_exit (_("Usage: %s --save VOLUME [PACKET]"), g_get_prgname ());
+
+ error = NULL;
++ if (pos_init (&pos, &error) != 0)
++ error_exit ("%s", error->message);
++
+ v = libvk_volume_open (argv[1], &error);
+ if (v == NULL)
+ error_exit (_("Error opening `%s': %s"), argv[1], error->message);
+@@ -824,7 +843,7 @@ do_save (int argc, char *argv[])
+ else if (libvk_volume_get_secret (v, LIBVK_SECRET_DEFAULT, ui, &error) != 0)
+ error_exit (_("Error opening `%s': %s"), argv[1], error->message);
+
+- if (pos_init (&pos, &error) != 0
++ if (pos_interact (&pos, &error) != 0
+ || output_packet (&pos, v, ui, &error) != 0)
+ error_exit ("%s", error->message);
+ if (output_created_random_passphrase != NULL)
+@@ -1007,12 +1026,15 @@ do_reencrypt (int argc, char *argv[])
+ error_exit (_("Usage: %s --%s PACKET"), g_get_prgname (), "reencrypt");
+
+ error = NULL;
++ if (pos_init (&pos, &error) != 0)
++ error_exit ("%s", error->message);
++
+ ui = create_ui ();
+ pack = open_packet_file (argv[1], ui, &error);
+ if (pack == NULL)
+ error_exit ("%s", error->message);
+
+- if (pos_init (&pos, &error) != 0
++ if (pos_interact (&pos, &error) != 0
+ || output_packet (&pos, pack, ui, &error) != 0)
+ error_exit ("%s", error->message);
+ pos_free (&pos);
diff --git a/volume_key-0.3.4-passphrase-ui.patch b/volume_key-0.3.4-passphrase-ui.patch
new file mode 100644
index 0000000..3ac9c7c
--- /dev/null
+++ b/volume_key-0.3.4-passphrase-ui.patch
@@ -0,0 +1,59 @@
+Subject: [PATCH 1/2] Tell the user when a non-NSS passphrase is incorrect.
+
+2010-10-18 Miloslav Trmač <mitr at redhat.com>
+
+ * src/volume_key.c (passphrase_ui_cb): Tell the user when a non-NSS
+ passphrase is incorrect.
+diff --git a/src/volume_key.c b/src/volume_key.c
+index 7f9f391..c9c4bca 100644
+--- a/src/volume_key.c
++++ b/src/volume_key.c
+@@ -545,6 +545,8 @@ passphrase_ui_cb (void *data, const char *prompt, unsigned failed_attempts)
+ return NULL;
+ return read_batch_string ();
+ }
++ if (failed_attempts != 0)
++ fprintf (stderr, _("Error, try again.\n"));
+ s = g_strdup_printf (_("%s: "), prompt);
+ res = get_password (s);
+ g_free (s);
+--
+
+2010-10-18 Miloslav Trmač <mitr at redhat.com>
+
+ * lib/volume_luks.c (luks_apply_secret)
+ * src/volume_key.c (pos_interact): Only tell the user about an incorrect
+ passphrase once.
+diff --git a/lib/volume_luks.c b/lib/volume_luks.c
+index 4561a43..4650464 100644
+--- a/lib/volume_luks.c
++++ b/lib/volume_luks.c
+@@ -481,7 +481,9 @@ luks_apply_secret (struct libvk_volume *vol, const struct libvk_volume *packet,
+ failed, error);
+ if (passphrase == NULL)
+ goto err_prompts;
+- passphrase2 = ui_get_passphrase (ui, prompt2, failed, error);
++ /* The repeated passphrase is always considered a first attempt -
++ otherwise src/volume_key.c would prepend "Error, try again". */
++ passphrase2 = ui_get_passphrase (ui, prompt2, 0, error);
+ if (passphrase2 == NULL)
+ goto err_passphrase;
+ passphrase_ok = strcmp (passphrase, passphrase2) == 0;
+diff --git a/src/volume_key.c b/src/volume_key.c
+index c9c4bca..855956f 100644
+--- a/src/volume_key.c
++++ b/src/volume_key.c
+@@ -652,9 +652,10 @@ pos_init (struct packet_output_state *pos, GError **error)
+ "New packet passphrase"), failed);
+ if (passphrase == NULL)
+ goto no_passphrase;
++ /* The repeated passphrase is always considered a first attempt -
++ otherwise passphrase_ui_cb would prepend "Error, try again". */
+ passphrase2 = passphrase_ui_cb (NULL,
+- _("Repeat new packet passphrase"),
+- failed);
++ _("Repeat new packet passphrase"), 0);
+ if (passphrase2 == NULL)
+ {
+ memset (passphrase, 0, strlen (passphrase));
+--
diff --git a/volume_key.spec b/volume_key.spec
index 1bcb906..24cc446 100644
--- a/volume_key.spec
+++ b/volume_key.spec
@@ -3,7 +3,7 @@
Summary: An utility for manipulating storage encryption keys and passphrases
Name: volume_key
Version: 0.3.4
-Release: 3%{?dist}
+Release: 4%{?dist}
License: GPLv2
Group: Applications/System
URL: https://fedorahosted.org/volume_key/
@@ -16,6 +16,11 @@ Patch0: volume_key-0.3.4-volume-doc.patch
Patch1: volume_key-0.3.4-ssl-errors.patch
# Upstream commit 82f476f614ff8492231e730b6ceffaa7242481cc
Patch2: volume_key-0.3.4-getpass.patch
+# Upstream commits b66602b8ef4e6ef8325c0b97fce821e183a2ae84,
+# 1dcafdcd6f3097487b92f86e9db3e5412c266ee5
+Patch3: volume_key-0.3.4-passphrase-ui.patch
+# Upstream commit 40e5330c076f9f4e149c2091900602d3de41b119
+Patch4: volume_key-0.3.4-cert-errors.patch
BuildRequires: cryptsetup-luks-devel, gettext-devel, glib2-devel, gnupg
BuildRequires: gpgme-devel, libblkid-devel, nss-devel, python-devel
@@ -82,6 +87,8 @@ for other formats is possible, some formats are planned for future releases.
%patch0 -p1 -b .volume-doc
%patch1 -p1 -b .ssl-errors
%patch2 -p1 -b .getpass
+%patch3 -p1 -b .passphrase-ui
+%patch4 -p1 -b .cert-errors
%build
%configure
@@ -122,6 +129,12 @@ rm -rf $RPM_BUILD_ROOT
%{python_sitearch}/volume_key.py*
%changelog
+* Mon Oct 18 2010 Miloslav Trmač <mitr at redhat.com> - 0.3.4-4
+- Tell the user if asking for the same passphrase again
+ Resolves: #641111
+- Check certificate file before interacting with the user
+ Resolves: #643897
+
* Fri Oct 8 2010 Miloslav Trmač <mitr at redhat.com> - 0.3.4-3
- Make it possible to interrupt password prompts
Resolves: #641111
More information about the scm-commits
mailing list