From 07ad923cf21dbdf9beb6a2277b3361b66c9e1f5f Mon Sep 17 00:00:00 2001 From: Ivailo Monev Date: Sat, 9 Apr 2022 15:58:57 +0300 Subject: [PATCH] kutils: implement config options for the cookie type, number of retries and timeout Signed-off-by: Ivailo Monev --- kutils/kpasswdstore/kded/kpasswdstoreimpl.cpp | 17 ++++++++++++----- kutils/kpasswdstore/kded/kpasswdstoreimpl.h | 2 ++ kutils/kpasswdstore/kpasswdstore.cpp | 19 ++++++++++++++----- 3 files changed, 28 insertions(+), 10 deletions(-) diff --git a/kutils/kpasswdstore/kded/kpasswdstoreimpl.cpp b/kutils/kpasswdstore/kded/kpasswdstoreimpl.cpp index c8286e64..8f4c7f62 100644 --- a/kutils/kpasswdstore/kded/kpasswdstoreimpl.cpp +++ b/kutils/kpasswdstore/kded/kpasswdstoreimpl.cpp @@ -34,7 +34,7 @@ static const int kpasswdstore_buffsize = 1024; static const int kpasswdstore_passretries = 3; -static const qint64 kpasswdstore_passtimeout = 2 * 60000; +static const qint64 kpasswdstore_passtimeout = 2; // minutes // EVP_CIPHER_CTX_key_length() and EVP_CIPHER_CTX_iv_length() cannot be called // prior to EVP_EncryptInit() and EVP_DecryptInit() so hardcoding these @@ -63,7 +63,9 @@ static inline QByteArray genBytes(const QByteArray &data, const int length) } KPasswdStoreImpl::KPasswdStoreImpl(const QString &id) - : m_cacheonly(false), + : m_retries(kpasswdstore_passretries), + m_timeout(kpasswdstore_passtimeout * 60000), + m_cacheonly(false), m_storeid(id), m_passwdstore(KStandardDirs::locateLocal("data", "kpasswdstore.ini")) { @@ -71,6 +73,11 @@ KPasswdStoreImpl::KPasswdStoreImpl(const QString &id) ERR_load_ERR_strings(); EVP_add_cipher(EVP_bf_cfb64()); #endif + + KConfig kconfig("kpasswdstorerc", KConfig::SimpleConfig); + KConfigGroup kconfiggroup = kconfig.group("KPasswdStore"); + m_retries = kconfiggroup.readEntry("Retries", kpasswdstore_passretries); + m_timeout = (kconfiggroup.readEntry("Timeout", kpasswdstore_passtimeout) * 60000); } KPasswdStoreImpl::~KPasswdStoreImpl() @@ -89,8 +96,8 @@ bool KPasswdStoreImpl::openStore(const qlonglong windowid) } bool cancel = false; - int retry = kpasswdstore_passretries; - while (retry > 0 && !ensurePasswd(windowid, retry < kpasswdstore_passretries, &cancel)) { + quint8 retry = m_retries; + while (retry > 0 && !ensurePasswd(windowid, retry < m_retries, &cancel)) { retry--; if (cancel) { break; @@ -168,7 +175,7 @@ bool KPasswdStoreImpl::ensurePasswd(const qlonglong windowid, const bool showerr Q_ASSERT(!cacheonly); #if defined(HAVE_OPENSSL) - if (!m_passwd.isEmpty() && m_passwdtimer.elapsed() >= kpasswdstore_passtimeout) { + if (!m_passwd.isEmpty() && m_passwdtimer.elapsed() >= m_timeout) { m_passwd.clear(); } m_passwdtimer.restart(); diff --git a/kutils/kpasswdstore/kded/kpasswdstoreimpl.h b/kutils/kpasswdstore/kded/kpasswdstoreimpl.h index 17ee10f8..417b96ac 100644 --- a/kutils/kpasswdstore/kded/kpasswdstoreimpl.h +++ b/kutils/kpasswdstore/kded/kpasswdstoreimpl.h @@ -50,6 +50,8 @@ private: QString encryptPasswd(const QString &passwd, bool *ok) const; QString decryptPasswd(const QString &passwd, bool *ok) const; + quint8 m_retries; + qint64 m_timeout; bool m_cacheonly; QString m_storeid; QString m_passwdstore; diff --git a/kutils/kpasswdstore/kpasswdstore.cpp b/kutils/kpasswdstore/kpasswdstore.cpp index 29a060dc..4a79b72e 100644 --- a/kutils/kpasswdstore/kpasswdstore.cpp +++ b/kutils/kpasswdstore/kpasswdstore.cpp @@ -17,6 +17,8 @@ */ #include "kpasswdstore.h" +#include "kconfig.h" +#include "kconfiggroup.h" #include #include @@ -28,12 +30,19 @@ static QByteArray getCookie() { - // TODO: config knob for this, eavesdropping will be piece of cake - return QByteArray::number(::getuid()); -#if 0 - return QByteArray::number(::getpid()); - return qRandomUuid(); + KConfig kconfig("kpasswdstorerc", KConfig::SimpleConfig); + KConfigGroup kconfiggroup = kconfig.group("KPasswdStore"); + const QByteArray cookietype = kconfiggroup.readEntry("Cookie", QByteArray()).toLower(); + if (cookietype == "pid") { + return QByteArray::number(::getpid()); + } else if (cookietype == "random") { +#if QT_VERSION >= 0x041200 + return qRandomUuid(); +#else + return QByteArray::number(qrand()); #endif + } + return QByteArray::number(::getuid()); } class KPasswdStorePrivate