[gq-commit] gq/src prefs.c,1.21,1.22 util.c,1.40,1.41 util.h,1.15,1.16

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/gqclient/gq/src
In directory usw-pr-cvs1:/tmp/cvs-serv14628

Modified Files:
	prefs.c util.c util.h 
Log Message:
* Passwort fields now do not show passwords in clear text - suggested by 
  Jacek Konieczny <ja...@bn...> (followed by a discussion)

  This is against a former point-of-view to not create the impression
  that passwords are safe when given to gq (They are not!). This dilemma
  is solved by popping up a warning when a password is entered in the 
  preferences window. 

  There will be a (backwards compatible) change to the configfile in a
  future release: we eill encode the password to hide it from occasional
  glances on the config file.

Index: prefs.c
===================================================================
RCS file: /cvsroot/gqclient/gq/src/prefs.c,v
retrieving revision 1.21
retrieving revision 1.22
diff -C2 -d -r1.21 -r1.22
*** prefs.c	18 Jun 2002 22:07:14 -0000	1.21
--- prefs.c	3 Jul 2002 20:13:05 -0000	1.22
***************
*** 60,72 ****
       struct ldapserver *server, *servers;
       int server_name_changed;
!      char *text;
  #if HAVE_LDAP_CLIENT_CACHE
       char *ep;
       int tmp;
  #endif
!      
       server = data;
       window = current_edit_server_window;

       /* Name */
       field = get_widget(window, "servername");
--- 60,91 ----
       struct ldapserver *server, *servers;
       int server_name_changed;
!      char *text, *passwdtext;
  #if HAVE_LDAP_CLIENT_CACHE
       char *ep;
       int tmp;
  #endif
! 
       server = data;
       window = current_edit_server_window;

+      /* Bind Password - retrieve asap, as we might pop up a warning
+         regarding cleartext passwords in .gq */
+      field = get_widget(window, "bindpw");
+      passwdtext = gtk_entry_get_text(GTK_ENTRY(field));
+ 
+      if (passwdtext && strlen(passwdtext) > 0) {
+ 	  int rc = 
+ 	       question_popup(_("Warning: Cleartext password"),
+ 			      _("The password you have entered will be stored as clear text in your\n"
+ 				"HOME directory in the file " RCFILE ". This file will not be readable\n"
+ 				"by anybody else (except the system administrator), but you may\n"
+ 				"nevertheless prefer to not store your bind password as clear text.\n\n"
+ 				"Do you want to store your bind password as clear text?"));
+ 	  if (!rc) {
+ 	       return;
+ 	  }
+      }
+   
+ 
       /* Name */
       field = get_widget(window, "servername");
***************
*** 114,120 ****

       /* Bind Password */
!      field = get_widget(window, "bindpw");
!      text = gtk_entry_get_text(GTK_ENTRY(field));
!      strncpy(server->bindpw, text, MAX_BINDPW_LEN);

       /* Search attribute */
--- 133,137 ----

       /* Bind Password */
!      strncpy(server->bindpw, passwdtext, MAX_BINDPW_LEN);

       /* Search attribute */
***************
*** 219,222 ****
--- 236,244 ----
  }

+ static void ask_pw_toggled(GtkToggleButton *button, GtkWidget *bindpw)
+ {
+      gtk_widget_set_sensitive(bindpw, !gtk_toggle_button_get_active(button));
+ }
+ 

  void create_edit_server_window(struct ldapserver *server)
***************
*** 227,230 ****
--- 249,253 ----
       GtkWidget *label, *entry, *button;
       GtkWidget *okbutton, *cancelbutton;
+      GtkWidget *bindpw;
       int y, editing_new_server;
       char title[MAX_SERVERNAME_LEN + 8];
***************
*** 396,400 ****
  		      GTK_EXPAND | GTK_FILL, GTK_EXPAND | GTK_FILL, 0, 0);

!      entry = gtk_entry_new();
       gtk_object_set_data(GTK_OBJECT(editwindow), "bindpw", entry);
       gtk_entry_set_text(GTK_ENTRY(entry), server->bindpw);
--- 419,427 ----
  		      GTK_EXPAND | GTK_FILL, GTK_EXPAND | GTK_FILL, 0, 0);

!      bindpw = entry = gtk_entry_new();
!      /* Follow the suggestion of Jacek Konieczny <ja...@bn...>,
! 	(even though Bert won't like it[?]) and do not show the password
! 	in cleartext... */
!      gtk_entry_set_visibility(GTK_ENTRY(entry), FALSE);
       gtk_object_set_data(GTK_OBJECT(editwindow), "bindpw", entry);
       gtk_entry_set_text(GTK_ENTRY(entry), server->bindpw);
***************
*** 492,497 ****
       button = gtk_check_button_new_with_label(_("Ask password on first connect"));
       gtk_object_set_data(GTK_OBJECT(editwindow), "ask_pw", button);
!      if(server->ask_pw)
  	  gtk_toggle_button_set_state(GTK_TOGGLE_BUTTON(button), TRUE);
       GTK_WIDGET_UNSET_FLAGS(GTK_CHECK_BUTTON(button), GTK_CAN_FOCUS);
       gtk_widget_show(button);
--- 519,530 ----
       button = gtk_check_button_new_with_label(_("Ask password on first connect"));
       gtk_object_set_data(GTK_OBJECT(editwindow), "ask_pw", button);
!      if(server->ask_pw) {
  	  gtk_toggle_button_set_state(GTK_TOGGLE_BUTTON(button), TRUE);
+ 	  gtk_widget_set_sensitive(GTK_WIDGET(bindpw), FALSE);
+      }
+ 
+      gtk_signal_connect(GTK_OBJECT(button), "toggled",
+ 			GTK_SIGNAL_FUNC(ask_pw_toggled), bindpw);
+ 
       GTK_WIDGET_UNSET_FLAGS(GTK_CHECK_BUTTON(button), GTK_CAN_FOCUS);
       gtk_widget_show(button);

Index: util.c
===================================================================
RCS file: /cvsroot/gqclient/gq/src/util.c,v
retrieving revision 1.40
retrieving revision 1.41
diff -C2 -d -r1.40 -r1.41
*** util.c	27 Jun 2002 08:20:23 -0000	1.40
--- util.c	3 Jul 2002 20:13:05 -0000	1.41
***************
*** 255,259 ****
       if (server->ask_pw &&
  	 server->binddn[0] != 0 && /* makes sense only if we bind as someone */
! 	 server->bindpw[0] == 0 && 
  	 server->enteredpw[0] == 0) {
  	 char *ret;
--- 255,259 ----
       if (server->ask_pw &&
  	 server->binddn[0] != 0 && /* makes sense only if we bind as someone */
! 	 /*	 server->bindpw[0] == 0 &&  */
  	 server->enteredpw[0] == 0) {
  	 char *ret;
***************
*** 261,265 ****
  		  _("Password for server %s"), server->ldaphost);

! 	 if (query_popup(message, &ret)) {
  	     if (ret) {
  		 strncpy(server->enteredpw, ret, 
--- 261,265 ----
  		  _("Password for server %s"), server->ldaphost);

! 	 if (query_popup(message, &ret, TRUE /* is_password */)) {
  	     if (ret) {
  		 strncpy(server->enteredpw, ret, 
***************
*** 1151,1155 ****
     functions waits for the data and puts it into outbuf. */

! int query_popup(const char *title, gchar **outbuf)
  {
       GtkWidget *window, *vbox1, *vbox2, *label, *inputbox, *button, *hbox0;
--- 1151,1155 ----
     functions waits for the data and puts it into outbuf. */

! int query_popup(const char *title, gchar **outbuf, gboolean is_password)
  {
       GtkWidget *window, *vbox1, *vbox2, *label, *inputbox, *button, *hbox0;
***************
*** 1195,1198 ****
--- 1195,1201 ----
       GTK_WIDGET_SET_FLAGS(inputbox, GTK_CAN_FOCUS);
       GTK_WIDGET_SET_FLAGS(inputbox, GTK_CAN_DEFAULT);
+      if (is_password) {
+ 	  gtk_entry_set_visibility(GTK_ENTRY(inputbox), FALSE);
+      }
       gtk_widget_show(inputbox);
       gtk_signal_connect(GTK_OBJECT(inputbox), "activate",

Index: util.h
===================================================================
RCS file: /cvsroot/gqclient/gq/src/util.h,v
retrieving revision 1.15
retrieving revision 1.16
diff -C2 -d -r1.15 -r1.16
*** util.h	21 Jun 2002 00:34:32 -0000	1.15
--- util.h	3 Jul 2002 20:13:05 -0000	1.16
***************
*** 70,74 ****
  void dump_mods(LDAPMod **mods);
  const char *find_s_by_at_oid(struct ldapserver *server, const char *oid);
! int query_popup(const char *title, gchar **outbuf);
  int question_popup(const char *title, const char *question);

--- 70,74 ----
  void dump_mods(LDAPMod **mods);
  const char *find_s_by_at_oid(struct ldapserver *server, const char *oid);
! int query_popup(const char *title, gchar **outbuf, gboolean is_password);
  int question_popup(const char *title, const char *question);