Commit 264ad344 authored by Nigel Kukard's avatar Nigel Kukard

Save password in kwallet if available

If awit-ssh-client was given access to kwallet, save our LDAP
password if we managed to search the LDAP DB.
parent fce44728
...@@ -185,9 +185,14 @@ if (!defined($username) || $username eq "") { ...@@ -185,9 +185,14 @@ if (!defined($username) || $username eq "") {
print STDERR "Your LDAP CN : $username (passwd->gecos)\n"; print STDERR "Your LDAP CN : $username (passwd->gecos)\n";
} }
my $password;
if ($config->SectionExists("kwallet")) { # Sort out LDAP password
my $password;
# Lets try kwallet
my ($kwalletObject,$kwalletHandle);
# IF removed, lets rather run this in its own scope...
{
my $dbus = Net::DBus->find(); my $dbus = Net::DBus->find();
# Grab the kwallet service off DBus # Grab the kwallet service off DBus
...@@ -196,24 +201,15 @@ if ($config->SectionExists("kwallet")) { ...@@ -196,24 +201,15 @@ if ($config->SectionExists("kwallet")) {
logger('WARNING',color('magenta')."Kwallet not found on DBus".color('reset')); logger('WARNING',color('magenta')."Kwallet not found on DBus".color('reset'));
goto KWALLET_END; goto KWALLET_END;
} }
my $kwalletObject = $kwalletService->get_object('/modules/kwalletd','org.kde.KWallet'); $kwalletObject = $kwalletService->get_object('/modules/kwalletd','org.kde.KWallet');
# Grab a handle to the network wallet # Grab a handle to the network wallet
my $networkWalletName = $kwalletObject->networkWallet(); my $networkWalletName = $kwalletObject->networkWallet();
my $kwalletHandle = $kwalletObject->open($networkWalletName,0,$NAME); $kwalletHandle = $kwalletObject->open($networkWalletName,0,$NAME);
my $kwalletFolder = $config->val("kwallet","folder"); $password = $kwalletObject->readPassword($kwalletHandle,"ldap","password",$NAME);
if (!defined($kwalletFolder) || $kwalletFolder eq "") {
logger('ERROR',color('magenta')."Kwallet folder not defined in config file".color('reset'));
exit 1;
}
my $kwalletFolderEntry = $config->val("kwallet","entry");
if (!defined($kwalletFolderEntry) || $kwalletFolderEntry eq "") {
logger('ERROR',color('magenta')."Kwallet folder entry not defined in config file".color('reset'));
exit 1;
}
$password = $kwalletObject->readPassword($kwalletHandle,$kwalletFolder,$kwalletFolderEntry,$NAME);
KWALLET_END: KWALLET_END:
} }
# If kwallet returned nothing, try read from terminal
if (!defined($password) || $password eq "") { if (!defined($password) || $password eq "") {
print STDERR "Your LDAP Password: "; print STDERR "Your LDAP Password: ";
# Don't echo password # Don't echo password
...@@ -374,6 +370,13 @@ delete($ENV{'LC_TIME'}); ...@@ -374,6 +370,13 @@ delete($ENV{'LC_TIME'});
delete($ENV{'LC_CTYPE'}); delete($ENV{'LC_CTYPE'});
# If we have kwalletObject and kwalletHandle defined, store the password as we've given awit-ssh-client permission to access
# kwallet
if (defined($kwalletObject) && defined($kwalletHandle)) {
$kwalletObject->writePassword($kwalletHandle,"ldap","password",$password,$NAME);
}
exec('/usr/bin/ssh', exec('/usr/bin/ssh',
'-F',$ENV{"HOME"}.'/.ssh/config', '-F',$ENV{"HOME"}.'/.ssh/config',
# Try our key only, we should never need to fall back to password # Try our key only, we should never need to fall back to password
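Review bot: The guard before `writePassword` in the last hunk tests only `defined($kwalletHandle)`, but as far as I know org.kde.KWallet's `open` reports a refused or failed open with a negative handle rather than undef, so the LDAP password would still be read from and written to an invalid handle. I would tighten it to `if (defined($kwalletObject) && defined($kwalletHandle) && $kwalletHandle >= 0) {` and put the `readPassword` call in the second hunk behind the same handle test. The return value of `writePassword` is discarded, so a failed save is silent; it should at least be reported through `logger('WARNING', ...)`. With the `SectionExists("kwallet")` check removed, the credential is now persisted for every user whose wallet opens, and it is rewritten even when it was just read back from the wallet, so consider keeping an opt-in config key and writing only when the value differs. Whether a failed LDAP bind exits before this point is not visible in these hunks (the `exec` call also continues past the last one), so a comment stating that the write is only reached after a successful search would help.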