TDE
/
smartcardauth
mirror of https://mirror.git.trinitydesktop.org/gitea/TDE/smartcardauth
0
0
Fork 0
Code Issues Releases Wiki Activity

Prevent a large number of TQString => char* => TQString conversions.

Browse Source 
The definition of -UQT_NO_ASCII_CAST is no longer needed.

Signed-off-by: Slávek Banko <slavek.banko@axis.cz>
pull/2/head
Slávek Banko 5 years ago
parent c1af0d2417
commit fa96f7798a
No known key found for this signature in database
GPG Key ID: 608F5293A04BE668
2 changed files with 129 additions and 129 deletions
Show Stats Download Patch File Download Diff File

2
CMakeLists.txt
Unescape View File

@ -51,7 +51,7 @@ include( ConfigureChecks.cmake )
###### global compiler settings ###### global compiler settings
add_definitions( -DHAVE_CONFIG_H -UQT_NO_ASCII_CAST ) add_definitions( -DHAVE_CONFIG_H )
set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${TQT_CXX_FLAGS}" ) set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${TQT_CXX_FLAGS}" )
set( CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -Wl,--no-undefined" ) set( CMAKE_SHARED_LINKER_FLAGS "${CMAKE_SHARED_LINKER_FLAGS} -Wl,--no-undefined" )

254
src/smartauthmon.cpp
Unescape View File

@ -89,13 +89,13 @@ void handle_sigpipe(int sig)
} }
} }
TQString readfile(const char * filename) { TQString readfile(const TQString filename) {
FILE *fp; FILE *fp;
long len; long len;
char *buf; char *buf;
fp=fopen(filename, "rb"); fp=fopen(filename.local8Bit(), "rb");
if (fp == NULL) { if (fp == NULL) {
printf("[WARNING] Unable to read from file %s\n", filename); fflush(stdout); printf("[WARNING] Unable to read from file %s\n", filename.local8Bit().data()); fflush(stdout);
return TQString(); return TQString();
} }
fseek(fp,0,SEEK_END); // Seek to end fseek(fp,0,SEEK_END); // Seek to end
@ -110,13 +110,13 @@ TQString readfile(const char * filename) {
return contents; return contents;
} }
int writefile(const char * filename, TQString contents) { int writefile(const TQString filename, TQString contents) {
int fp; int fp;
long len; long len;
char *buf; char *buf;
fp=open(filename, O_WRONLY | O_NONBLOCK); fp=open(filename.local8Bit(), O_WRONLY | O_NONBLOCK);
if (fp < 0) { if (fp < 0) {
printf("[WARNING] Unable to open file %s for writing\n", filename); fflush(stdout); printf("[WARNING] Unable to open file %s for writing\n", filename.local8Bit().data()); fflush(stdout);
return -1; return -1;
} }
int retcode = write(fp, contents.ascii(), contents.length()); int retcode = write(fp, contents.ascii(), contents.length());
@ -124,11 +124,11 @@ int writefile(const char * filename, TQString contents) {
return retcode; return retcode;
} }
TQString exec(const char * cmd) { TQString exec(const TQString cmd) {
TQString bashcommand = cmd; TQString bashcommand = cmd;
bashcommand = bashcommand.replace("\"", "\\\""); bashcommand = bashcommand.replace("\"", "\\\"");
bashcommand = TQString("/bin/bash -c \"%1\"").arg(bashcommand); bashcommand = TQString("/bin/bash -c \"%1\"").arg(bashcommand);
FILE* pipe = popen(bashcommand.ascii(), "r"); FILE* pipe = popen(bashcommand.local8Bit(), "r");
if (!pipe) return "ERROR"; if (!pipe) return "ERROR";
char buffer[128]; char buffer[128];
TQString result = ""; TQString result = "";
@ -142,18 +142,18 @@ TQString exec(const char * cmd) {
return result; return result;
} }
int systemexec(const char * cmd) { int systemexec(const TQString cmd) {
TQString bashcommand = cmd; TQString bashcommand = cmd;
bashcommand = bashcommand.replace("\"", "\\\""); bashcommand = bashcommand.replace("\"", "\\\"");
bashcommand = TQString("/bin/bash -c \"%1\"").arg(bashcommand); bashcommand = TQString("/bin/bash -c \"%1\"").arg(bashcommand);
return system(bashcommand.ascii()) >> 8; return system(bashcommand.local8Bit()) >> 8;
} }
TQString execret(const char * cmd, int * retcode) { TQString execret(const TQString cmd, int * retcode) {
TQString bashcommand = cmd; TQString bashcommand = cmd;
bashcommand = bashcommand.replace("\"", "\\\""); bashcommand = bashcommand.replace("\"", "\\\"");
bashcommand = TQString("/bin/bash -c \"%1\"").arg(bashcommand); bashcommand = TQString("/bin/bash -c \"%1\"").arg(bashcommand);
FILE* pipe = popen(bashcommand.ascii(), "r"); FILE* pipe = popen(bashcommand.local8Bit(), "r");
if (!pipe) return "ERROR"; if (!pipe) return "ERROR";
char buffer[128]; char buffer[128];
TQString result = ""; TQString result = "";
@ -185,45 +185,45 @@ int rmrf(const char *path)
TQString get_file(TQString prefix, TQString mode) { TQString get_file(TQString prefix, TQString mode) {
if (command_mode == "acos") { if (command_mode == "acos") {
// Select EF prefix under DF 1000 // Select EF prefix under DF 1000
systemexec((TQString("echo \"%1 %2\" > %3/query").arg(select_file).arg(prefix).arg(secure_directory)).ascii()); systemexec(TQString("echo \"%1 %2\" > %3/query").arg(select_file).arg(prefix).arg(secure_directory));
systemexec((TQString("scriptor %1/query 1> %2/response2").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("scriptor %1/query 1> %2/response2").arg(secure_directory).arg(secure_directory));
// printf("[DEBUG 100.0] %s\n", readfile((TQString("%1/response2").arg(secure_directory))).ascii()); fflush(stdout); // printf("[DEBUG 100.0] %s\n", readfile(TQString("%1/response2").arg(secure_directory)).local8Bit().data()); fflush(stdout);
// Read binary // Read binary
systemexec((TQString("echo \"%1\" > %2/query").arg(read_binary).arg(secure_directory)).ascii()); systemexec(TQString("echo \"%1\" > %2/query").arg(read_binary).arg(secure_directory));
systemexec((TQString("scriptor %1/query 1> %2/response2").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("scriptor %1/query 1> %2/response2").arg(secure_directory).arg(secure_directory));
TQString authokresponse="90 00 : Normal processing"; TQString authokresponse="90 00 : Normal processing";
TQString response1 = exec((TQString("cat %1/response2 | grep \"%2\"").arg(secure_directory).arg(authokresponse)).ascii()); TQString response1 = exec(TQString("cat %1/response2 | grep \"%2\"").arg(secure_directory).arg(authokresponse));
if (response1 != "") { if (response1 != "") {
systemexec((TQString("cat %1/response2 | tr -d '\n' > %2/response4").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("cat %1/response2 | tr -d '\n' > %2/response4").arg(secure_directory).arg(secure_directory));
TQString stringtoreplace="Using T=0 protocol00 B0 00 00 FF> 00 B0 00 00 FF< "; TQString stringtoreplace="Using T=0 protocol00 B0 00 00 FF> 00 B0 00 00 FF< ";
TQString newstring=""; TQString newstring="";
systemexec((TQString("sed -i \"s#%1#%2#g\" %3/response4").arg(stringtoreplace).arg(newstring).arg(secure_directory)).ascii()); systemexec(TQString("sed -i \"s#%1#%2#g\" %3/response4").arg(stringtoreplace).arg(newstring).arg(secure_directory));
stringtoreplace=" 90 00 : Normal processing."; stringtoreplace=" 90 00 : Normal processing.";
newstring=""; newstring="";
systemexec((TQString("sed -i \"s#%1#%2#g\" %3/response4").arg(stringtoreplace).arg(newstring).arg(secure_directory)).ascii()); systemexec(TQString("sed -i \"s#%1#%2#g\" %3/response4").arg(stringtoreplace).arg(newstring).arg(secure_directory));
if (mode == "text") { if (mode == "text") {
stringtoreplace=" 00"; stringtoreplace=" 00";
newstring=""; newstring="";
systemexec((TQString("sed -i \"s#%1#%2#g\" %3/response4").arg(stringtoreplace).arg(newstring).arg(secure_directory)).ascii()); systemexec(TQString("sed -i \"s#%1#%2#g\" %3/response4").arg(stringtoreplace).arg(newstring).arg(secure_directory));
} }
// printf("[DEBUG 100.1] %s\n", readfile((TQString("%1/response4").arg(secure_directory))).ascii()); fflush(stdout); // printf("[DEBUG 100.1] %s\n", readfile(TQString("%1/response4").arg(secure_directory)).local8Bit().data()); fflush(stdout);
unlink((TQString("%1/lukskey").arg(secure_directory)).ascii()); unlink((TQString("%1/lukskey").arg(secure_directory)).local8Bit());
systemexec((TQString("xxd -r -p %1/response4 %2/lukskey").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("xxd -r -p %1/response4 %2/lukskey").arg(secure_directory).arg(secure_directory));
return(TQString("%1/lukskey").arg(secure_directory)); return(TQString("%1/lukskey").arg(secure_directory));
} }
} }
if (command_mode == "cryptoflex") { if (command_mode == "cryptoflex") {
TQString file = TQString(prefix).replace(' ', ""); TQString file = TQString(prefix).replace(' ', "");
unlink((TQString("3F00_%1").arg(file)).ascii()); unlink((TQString("3F00_%1").arg(file)).local8Bit());
// systemexec((TQString("echo \"get %1\" | opensc-explorer").arg(file)).ascii()); // systemexec(TQString("echo \"get %1\" | opensc-explorer").arg(file));
fputs((TQString("get %1\n").arg(file)).ascii(), opensc_explorer_file); fputs((TQString("get %1\n").arg(file)).local8Bit(), opensc_explorer_file);
fflush(opensc_explorer_file); fflush(opensc_explorer_file);
int j; int j;
// Wait up to 2 seconds for the file to be written // Wait up to 2 seconds for the file to be written
for (j=0;j<200;j++) { for (j=0;j<200;j++) {
FILE* fp1 = fopen((TQString("3F00_%1").arg(file)).ascii(), "r"); FILE* fp1 = fopen((TQString("3F00_%1").arg(file)).local8Bit(), "r");
if (fp1) { if (fp1) {
// file exists // file exists
fclose(fp1); fclose(fp1);
@ -243,8 +243,8 @@ void createfile(TQString prefix, TQString mode)
if (command_mode == "cryptoflex") { if (command_mode == "cryptoflex") {
// Create transparent file with permissions: // Create transparent file with permissions:
// delete, terminate, activate, deactivate, update, read for Key 1 and Key 2 only // delete, terminate, activate, deactivate, update, read for Key 1 and Key 2 only
systemexec((TQString("echo \"F0 E0 00 FF 10 FF FF 00 %1 %2 01 3F 44 FF 44 01 03 11 FF 11\" > %3/query").arg(prefix).arg(mode).arg(secure_directory)).ascii()); systemexec(TQString("echo \"F0 E0 00 FF 10 FF FF 00 %1 %2 01 3F 44 FF 44 01 03 11 FF 11\" > %3/query").arg(prefix).arg(mode).arg(secure_directory));
systemexec((TQString("scriptor %1/query 1> %2/response2 2>/dev/null").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("scriptor %1/query 1> %2/response2 2>/dev/null").arg(secure_directory).arg(secure_directory));
} }
if (command_mode == "acos") { if (command_mode == "acos") {
@ -253,43 +253,43 @@ void createfile(TQString prefix, TQString mode)
// created in DF 1000 under MF, SE file is 10FE // created in DF 1000 under MF, SE file is 10FE
// SIZE TRANSPARENT // SIZE TRANSPARENT
systemexec((TQString("echo \"00 E0 00 00 1A 62 18 80 02 00 %1 82 01 01 83 02 %2 8A 01 %3 8C 08 7F 04 04 04 04 04 04 04\" > %4/query").arg(prefix).arg(mode).arg(CREATE_LIFE_CYCLE).arg(secure_directory)).ascii()); systemexec(TQString("echo \"00 E0 00 00 1A 62 18 80 02 00 %1 82 01 01 83 02 %2 8A 01 %3 8C 08 7F 04 04 04 04 04 04 04\" > %4/query").arg(prefix).arg(mode).arg(CREATE_LIFE_CYCLE).arg(secure_directory));
systemexec((TQString("scriptor %1/query 1> %2/response2 2>/dev/null").arg(secure_directory)).ascii()); systemexec(TQString("scriptor %1/query 1> %2/response2 2>/dev/null").arg(secure_directory));
printf("[DEBUG 300.0] %s\n", readfile((TQString("%1/response2").arg(secure_directory))).ascii()); fflush(stdout); printf("[DEBUG 300.0] %s\n", readfile(TQString("%1/response2").arg(secure_directory)).local8Bit().data()); fflush(stdout);
} }
} }
void update_file(TQString prefix, TQString mode) { void update_file(TQString prefix, TQString mode) {
if (command_mode == "acos") { if (command_mode == "acos") {
// Select EF prefix under DF 1000 // Select EF prefix under DF 1000
systemexec((TQString("echo \"$SELECT_FILE %1\" > %2/query").arg(prefix).arg(secure_directory)).ascii()); systemexec(TQString("echo \"$SELECT_FILE %1\" > %2/query").arg(prefix).arg(secure_directory));
systemexec((TQString("scriptor %1/query 1> %2/response2").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("scriptor %1/query 1> %2/response2").arg(secure_directory).arg(secure_directory));
printf("[DEBUG 200.0] %s\n", readfile((TQString("%1/response2").arg(secure_directory))).ascii()); fflush(stdout); printf("[DEBUG 200.0] %s\n", readfile(TQString("%1/response2").arg(secure_directory)).local8Bit().data()); fflush(stdout);
// Update existing file // Update existing file
// Zero pad input file // Zero pad input file
systemexec((TQString("dd if=/dev/zero of=%1/response2 bs=1 count=255 2>/dev/null 1>/dev/null").arg(secure_directory)).ascii()); systemexec(TQString("dd if=/dev/zero of=%1/response2 bs=1 count=255 2>/dev/null 1>/dev/null").arg(secure_directory));
systemexec((TQString("dd if=%1 of=%2/response2 bs=1 count=255 conv=notrunc 2>/dev/null 1>/dev/null").arg(mode).arg(secure_directory)).ascii()); systemexec(TQString("dd if=%1 of=%2/response2 bs=1 count=255 conv=notrunc 2>/dev/null 1>/dev/null").arg(mode).arg(secure_directory));
// Truncate to 255 bytes and expand to standard hex listing format // Truncate to 255 bytes and expand to standard hex listing format
systemexec((TQString("xxd -l 255 -ps -c 1 %1/response2 > %2/response").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("xxd -l 255 -ps -c 1 %1/response2 > %2/response").arg(secure_directory).arg(secure_directory));
systemexec((TQString("cat %1/response | tr '\n' ' ' > %1/hexready").arg(secure_directory)).ascii()); systemexec(TQString("cat %1/response | tr '\n' ' ' > %1/hexready").arg(secure_directory));
TQString hexready = readfile((TQString("%1/hexready").arg(secure_directory)).ascii()); TQString hexready = readfile(TQString("%1/hexready").arg(secure_directory));
systemexec((TQString("echo \"%1 %2\" > %3/query").arg(update_binary).arg(hexready).arg(secure_directory)).ascii()); systemexec(TQString("echo \"%1 %2\" > %3/query").arg(update_binary).arg(hexready).arg(secure_directory));
systemexec((TQString("scriptor %1/query 1> %2/response2 2>/dev/null").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("scriptor %1/query 1> %2/response2 2>/dev/null").arg(secure_directory).arg(secure_directory));
printf("[DEBUG 200.1] %s\n", readfile((TQString("%1/response2").arg(secure_directory))).ascii()); fflush(stdout); printf("[DEBUG 200.1] %s\n", readfile(TQString("%1/response2").arg(secure_directory)).local8Bit().data()); fflush(stdout);
} }
if (command_mode == "cryptoflex") { if (command_mode == "cryptoflex") {
// Delete old file // Delete old file
systemexec((TQString("echo \"%1 $1\" > %2/query").arg(delete_file).arg(secure_directory)).ascii()); systemexec(TQString("echo \"%1 $1\" > %2/query").arg(delete_file).arg(secure_directory));
systemexec((TQString("scriptor %1/query 1> %2/response2 2>/dev/null").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("scriptor %1/query 1> %2/response2 2>/dev/null").arg(secure_directory).arg(secure_directory));
printf("[DEBUG 200.2] %s\n", readfile((TQString("%1/response2").arg(secure_directory))).ascii()); fflush(stdout); printf("[DEBUG 200.2] %s\n", readfile(TQString("%1/response2").arg(secure_directory)).local8Bit().data()); fflush(stdout);
// Create new file // Create new file
createfile("FF", prefix); createfile("FF", prefix);
TQString file = TQString(prefix).replace(' ', ""); TQString file = TQString(prefix).replace(' ', "");
systemexec((TQString("echo \"put %1 %2\" | opensc-explorer").arg(file).arg(mode)).ascii()); systemexec(TQString("echo \"put %1 %2\" | opensc-explorer").arg(file).arg(mode));
} }
} }
@ -323,16 +323,16 @@ int main (int argc, char *argv[])
// Create the secure directory and lock it down // Create the secure directory and lock it down
secure_directory = SECURE_DIRECTORY_PATH; secure_directory = SECURE_DIRECTORY_PATH;
rmrf(secure_directory.ascii()); rmrf(secure_directory.local8Bit());
mkdir(secure_directory.ascii(), 600); mkdir(secure_directory.local8Bit(), 600);
chown(secure_directory.ascii(), 0, 0); chown(secure_directory.local8Bit(), 0, 0);
chmod(secure_directory.ascii(), 600); chmod(secure_directory.local8Bit(), 600);
secure_directory=exec("mktemp " SECURE_DIRECTORY_PATH "/smartauthmon.XXXXXXXXXX"); secure_directory=exec(TQString("mktemp %1/smartauthmon.XXXXXXXXXX").arg(SECURE_DIRECTORY_PATH));
secure_directory.replace('\n', ""); secure_directory.replace('\n', "");
rmrf(secure_directory.ascii()); rmrf(secure_directory.local8Bit());
mkdir(secure_directory.ascii(), 600); mkdir(secure_directory.local8Bit(), 600);
chown(secure_directory.ascii(), 0, 0); chown(secure_directory.local8Bit(), 0, 0);
chmod(secure_directory.ascii(), 600); chmod(secure_directory.local8Bit(), 600);
// Terminate old pcscd process from initrd // Terminate old pcscd process from initrd
system("killall -9 pcscd"); system("killall -9 pcscd");
@ -373,17 +373,17 @@ int main (int argc, char *argv[])
systemexec("echo \"TAuthenticating SmartCard...\" > /tmp/tdesocket-global/kdesktoplockcontrol &"); systemexec("echo \"TAuthenticating SmartCard...\" > /tmp/tdesocket-global/kdesktoplockcontrol &");
// Get card ATR // Get card ATR
systemexec((TQString("echo \"RESET\" > %1/query").arg(secure_directory)).ascii()); systemexec(TQString("echo \"RESET\" > %1/query").arg(secure_directory));
systemexec((TQString("scriptor %1/query 1> %2/response2").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("scriptor %1/query 1> %2/response2").arg(secure_directory).arg(secure_directory));
TQString authokresponse="OK: "; TQString authokresponse="OK: ";
TQString response1 = exec((TQString("cat %1/response2 | grep \"%2\"").arg(secure_directory).arg(authokresponse)).ascii()); TQString response1 = exec(TQString("cat %1/response2 | grep \"%2\"").arg(secure_directory).arg(authokresponse));
if (response1 != "") { if (response1 != "") {
systemexec((TQString("cat %1/response2 | tr -d '\n' > %2/response4").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("cat %1/response2 | tr -d '\n' > %2/response4").arg(secure_directory).arg(secure_directory));
TQString stringtoreplace="Using T=0 protocolRESET> RESET< OK: "; TQString stringtoreplace="Using T=0 protocolRESET> RESET< OK: ";
TQString newstring=""; TQString newstring="";
systemexec((TQString("sed -i \"s#%1#%2#g\" %3/response4").arg(stringtoreplace).arg(newstring).arg(secure_directory)).ascii()); systemexec(TQString("sed -i \"s#%1#%2#g\" %3/response4").arg(stringtoreplace).arg(newstring).arg(secure_directory));
TQString smartatr = readfile((TQString("%1/response4").arg(secure_directory)).ascii()); TQString smartatr = readfile(TQString("%1/response4").arg(secure_directory));
printf("[DEBUG 400.2] Got ATR: %s\n", smartatr.ascii()); fflush(stdout); printf("[DEBUG 400.2] Got ATR: %s\n", smartatr.local8Bit().data()); fflush(stdout);
if (smartatr == "3B BE 18 00 00 41 05 10 00 00 00 00 00 00 00 00 00 90 00 ") { if (smartatr == "3B BE 18 00 00 41 05 10 00 00 00 00 00 00 00 00 00 90 00 ") {
printf("[DEBUG 400.3] Detected ACOS5 card\n"); fflush(stdout); printf("[DEBUG 400.3] Detected ACOS5 card\n"); fflush(stdout);
command_mode="acos"; command_mode="acos";
@ -418,60 +418,60 @@ int main (int argc, char *argv[])
if (command_mode == "acos") { if (command_mode == "acos") {
// Select MF // Select MF
systemexec((TQString("echo \"00 A4 00 00 00\" > %1/query").arg(secure_directory)).ascii()); systemexec(TQString("echo \"00 A4 00 00 00\" > %1/query").arg(secure_directory));
systemexec((TQString("scriptor %1/query 1> %2/response2").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("scriptor %1/query 1> %2/response2").arg(secure_directory).arg(secure_directory));
printf("[DEBUG 400.4] %s\n", readfile((TQString("%1/response2").arg(secure_directory))).ascii()); fflush(stdout); printf("[DEBUG 400.4] %s\n", readfile(TQString("%1/response2").arg(secure_directory)).local8Bit().data()); fflush(stdout);
// Select DF 1000 under MF // Select DF 1000 under MF
systemexec((TQString("echo \"%1 10 00\" > %2/query").arg(select_file).arg(secure_directory)).ascii()); systemexec(TQString("echo \"%1 10 00\" > %2/query").arg(select_file).arg(secure_directory));
systemexec((TQString("scriptor %1/query 1> %2/response2").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("scriptor %1/query 1> %2/response2").arg(secure_directory).arg(secure_directory));
printf("[DEBUG 400.5] %s\n", readfile((TQString("%1/response2").arg(secure_directory))).ascii()); fflush(stdout); printf("[DEBUG 400.5] %s\n", readfile(TQString("%1/response2").arg(secure_directory)).local8Bit().data()); fflush(stdout);
} }
systemexec((TQString("echo %1 > %2/authscript").arg(get_challenge).arg(secure_directory)).ascii()); systemexec(TQString("echo %1 > %2/authscript").arg(get_challenge).arg(secure_directory));
systemexec((TQString("scriptor %1/authscript | grep 'Normal processing' > %2/challenge").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("scriptor %1/authscript | grep 'Normal processing' > %2/challenge").arg(secure_directory).arg(secure_directory));
systemexec((TQString("perl -pi -e 's/ //g' %1/challenge").arg(secure_directory)).ascii()); systemexec(TQString("perl -pi -e 's/ //g' %1/challenge").arg(secure_directory));
systemexec((TQString("perl -pi -e 's/:Normalprocessing.//g' %1/challenge").arg(secure_directory)).ascii()); systemexec(TQString("perl -pi -e 's/:Normalprocessing.//g' %1/challenge").arg(secure_directory));
systemexec((TQString("perl -pi -e 's/<//g' %1/challenge").arg(secure_directory)).ascii()); systemexec(TQString("perl -pi -e 's/<//g' %1/challenge").arg(secure_directory));
systemexec((TQString("xxd -r -p %1/challenge %2/challenge").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("xxd -r -p %1/challenge %2/challenge").arg(secure_directory).arg(secure_directory));
// Now DES encrypt the challenge // Now DES encrypt the challenge
// Later, change the initialization vector to random if possible // Later, change the initialization vector to random if possible
// Create the response from the challenge // Create the response from the challenge
systemexec((TQString("openssl des-ecb -in %1/challenge -out %2/response -K %3 -iv 1").arg(secure_directory).arg(secure_directory).arg(hexidecimal_key)).ascii()); systemexec(TQString("openssl des-ecb -in %1/challenge -out %2/response -K %3 -iv 1").arg(secure_directory).arg(secure_directory).arg(hexidecimal_key));
if (command_mode == "acos") { if (command_mode == "acos") {
// Truncate to 8 bytes // Truncate to 8 bytes
systemexec((TQString("dd if=%1/response of=%2/response2 bs=1 count=8 2>/dev/null 1>/dev/null").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("dd if=%1/response of=%2/response2 bs=1 count=8 2>/dev/null 1>/dev/null").arg(secure_directory).arg(secure_directory));
// Expand to standard hex listing format // Expand to standard hex listing format
systemexec((TQString("xxd -g 1 %1/response2 %2/response").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("xxd -g 1 %1/response2 %2/response").arg(secure_directory).arg(secure_directory));
systemexec((TQString("dd if=%1/response of=%2/response2 bs=1 count=23 skip=9 2>/dev/null 1>/dev/null").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("dd if=%1/response of=%2/response2 bs=1 count=23 skip=9 2>/dev/null 1>/dev/null").arg(secure_directory).arg(secure_directory));
} }
if (command_mode == "cryptoflex") { if (command_mode == "cryptoflex") {
// Truncate to 6 bytes // Truncate to 6 bytes
systemexec((TQString("dd if=%1/response of=%2/response2 bs=1 count=6 2>/dev/null 1>/dev/null").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("dd if=%1/response of=%2/response2 bs=1 count=6 2>/dev/null 1>/dev/null").arg(secure_directory).arg(secure_directory));
// Expand to standard hex listing format // Expand to standard hex listing format
systemexec((TQString("xxd -g 1 %1/response2 %2/response").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("xxd -g 1 %1/response2 %2/response").arg(secure_directory).arg(secure_directory));
systemexec((TQString("dd if=%1/response of=%2/response2 bs=1 count=17 skip=9 2>/dev/null 1>/dev/null").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("dd if=%1/response of=%2/response2 bs=1 count=17 skip=9 2>/dev/null 1>/dev/null").arg(secure_directory).arg(secure_directory));
} }
// Assemble the response file // Assemble the response file
TQString response2 = readfile((TQString("%1/response2").arg(secure_directory)).ascii()); TQString response2 = readfile(TQString("%1/response2").arg(secure_directory));
response1 = TQString("%1 %2").arg(external_auth).arg(response2); response1 = TQString("%1 %2").arg(external_auth).arg(response2);
systemexec((TQString("echo %1 > %2/response").arg(response1).arg(secure_directory)).ascii()); systemexec(TQString("echo %1 > %2/response").arg(response1).arg(secure_directory));
// Send the response! // Send the response!
systemexec((TQString("scriptor %1/response > %2/response2").arg(secure_directory).arg(secure_directory)).ascii()); systemexec(TQString("scriptor %1/response > %2/response2").arg(secure_directory).arg(secure_directory));
// Get the result // Get the result
authokresponse = "< 90 00 : Normal processing"; authokresponse = "< 90 00 : Normal processing";
response1 = exec((TQString("cat %1/response2 | grep \"%2\"").arg(secure_directory).arg(authokresponse)).ascii()); response1 = exec(TQString("cat %1/response2 | grep \"%2\"").arg(secure_directory).arg(authokresponse));
printf("[DEBUG 400.6] %s\n", response1.ascii()); fflush(stdout); printf("[DEBUG 400.6] %s\n", response1.local8Bit().data()); fflush(stdout);
if (response1 != "") { if (response1 != "") {
printf("[DEBUG 400.7] Smart card validation successfull!\n"); fflush(stdout); printf("[DEBUG 400.7] Smart card validation successfull!\n"); fflush(stdout);
if (command_mode == "cryptoflex") { if (command_mode == "cryptoflex") {
@ -481,23 +481,23 @@ int main (int argc, char *argv[])
TQString response = get_file("10 02", "text"); TQString response = get_file("10 02", "text");
smartcard_username = readfile(response); smartcard_username = readfile(response);
smartcard_username = smartcard_username.replace('\n', ""); smartcard_username = smartcard_username.replace('\n', "");
unlink(response.ascii()); unlink(response.local8Bit());
response = get_file("10 03", "text"); response = get_file("10 03", "text");
smartcard_password = readfile(response.ascii()); smartcard_password = readfile(response);
smartcard_password = smartcard_password.replace('\n', ""); smartcard_password = smartcard_password.replace('\n', "");
unlink(response.ascii()); unlink(response.local8Bit());
response = get_file("10 04", "text"); response = get_file("10 04", "text");
smartcard_slave = readfile(response); smartcard_slave = readfile(response);
smartcard_slave = smartcard_slave.replace('\n', ""); smartcard_slave = smartcard_slave.replace('\n', "");
unlink(response.ascii()); unlink(response.local8Bit());
if (smartcard_slave == "SLAVE") { if (smartcard_slave == "SLAVE") {
get_file("10 05", "text"); get_file("10 05", "text");
smartcard_minutes_raw = readfile(response); smartcard_minutes_raw = readfile(response);
smartcard_minutes_raw = smartcard_minutes_raw.replace('\n', ""); smartcard_minutes_raw = smartcard_minutes_raw.replace('\n', "");
unlink(response.ascii()); unlink(response.local8Bit());
get_file("10 06", "text"); get_file("10 06", "text");
internet_minutes = readfile(response).toInt(); internet_minutes = readfile(response).toInt();
unlink(response.ascii()); unlink(response.local8Bit());
} }
} }
else { else {
@ -505,7 +505,7 @@ int main (int argc, char *argv[])
systemexec("echo \"EInvalid SmartCard Inserted\" > /tmp/tdesocket-global/kdesktoplockcontrol &"); systemexec("echo \"EInvalid SmartCard Inserted\" > /tmp/tdesocket-global/kdesktoplockcontrol &");
sleep(1); sleep(1);
smartcard_username=""; smartcard_username="";
unlink((TQString("%1/password").arg(secure_directory)).ascii()); unlink((TQString("%1/password").arg(secure_directory)).local8Bit());
smartcard_slave=""; smartcard_slave="";
} }
@ -520,7 +520,7 @@ int main (int argc, char *argv[])
// Decrement minutes on card // Decrement minutes on card
if (smartcard_minutes > 0) { if (smartcard_minutes > 0) {
smartcard_minutes=smartcard_minutes-1; smartcard_minutes=smartcard_minutes-1;
systemexec((TQString("echo %1 > %2/minutes").arg(smartcard_minutes).arg(secure_directory)).ascii()); systemexec(TQString("echo %1 > %2/minutes").arg(smartcard_minutes).arg(secure_directory));
update_file("10 05", TQString("%1/minutes").arg(secure_directory)); update_file("10 05", TQString("%1/minutes").arg(secure_directory));
} }
@ -528,11 +528,11 @@ int main (int argc, char *argv[])
printf("[DEBUG 400.8] Minutes have been used up!\n"); fflush(stdout); printf("[DEBUG 400.8] Minutes have been used up!\n"); fflush(stdout);
// Prohibit logon // Prohibit logon
smartcard_username=""; smartcard_username="";
unlink((TQString("%1/password").arg(secure_directory)).ascii()); unlink((TQString("%1/password").arg(secure_directory)).local8Bit());
} }
mkdir("/etc/smartmon", 644); mkdir("/etc/smartmon", 644);
systemexec((TQString("echo %1 > /etc/smartmon/minutesremaining").arg(smartcard_minutes)).ascii()); systemexec(TQString("echo %1 > /etc/smartmon/minutesremaining").arg(smartcard_minutes));
chmod("/etc/smartmon/minutesremaining", 755); chmod("/etc/smartmon/minutesremaining", 755);
} }
@ -551,7 +551,7 @@ int main (int argc, char *argv[])
noactivesessions=1; noactivesessions=1;
result="okbutempty"; result="okbutempty";
} }
printf("[DEBUG 400.9] %s\n", result.ascii()); fflush(stdout); printf("[DEBUG 400.9] %s\n", result.local8Bit().data()); fflush(stdout);
TQString resultbkp=result; TQString resultbkp=result;
if (errcode == 0) { if (errcode == 0) {
@ -587,10 +587,10 @@ int main (int argc, char *argv[])
foundsession=1; foundsession=1;
udisplay = TQString(":%1").arg(index); udisplay = TQString(":%1").arg(index);
// Check password // Check password
if (check_password(smartcard_username.ascii(), smartcard_password.ascii()) == 0) { if (check_password(smartcard_username.local8Bit(), smartcard_password.local8Bit()) == 0) {
systemexec((TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface quit\"").arg(smartcard_username).arg(udisplay)).ascii()); systemexec(TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface quit\"").arg(smartcard_username).arg(udisplay));
systemexec((TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface enable false\"").arg(smartcard_username).arg(udisplay)).ascii()); systemexec(TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface enable false\"").arg(smartcard_username).arg(udisplay));
systemexec((TQString(TRINITY_BIN_PREFIX "tdmctl activate %1").arg(udisplay)).ascii()); systemexec(TQString(TRINITY_BIN_PREFIX "tdmctl activate %1").arg(udisplay));
} }
else { else {
systemexec("echo \"EUnauthorized SmartCard Inserted\" > /tmp/tdesocket-global/kdesktoplockcontrol &"); systemexec("echo \"EUnauthorized SmartCard Inserted\" > /tmp/tdesocket-global/kdesktoplockcontrol &");
@ -655,8 +655,8 @@ int main (int argc, char *argv[])
if (display_has_sak) { if (display_has_sak) {
if (writefile(TQString(TDM_CONTROL_FIFO_SAK_FILE).arg(newdisplayint), "CLOSE\n") < 0) { if (writefile(TQString(TDM_CONTROL_FIFO_SAK_FILE).arg(newdisplayint), "CLOSE\n") < 0) {
// Uh oh, something failed... // Uh oh, something failed...
printf("Unable to write to TDM control socket %s\n", (TQString(TDM_CONTROL_FIFO_SAK_FILE).arg(newdisplayint)).ascii()); fflush(stdout); printf("Unable to write to TDM control socket %s\n", (TQString(TDM_CONTROL_FIFO_SAK_FILE).arg(newdisplayint)).local8Bit().data()); fflush(stdout);
unlink((TQString(TDM_CONTROL_FIFO_SAK_FILE).arg(newdisplayint)).ascii()); unlink((TQString(TDM_CONTROL_FIFO_SAK_FILE).arg(newdisplayint)).local8Bit());
writeerror = true; writeerror = true;
} }
else { else {
@ -664,7 +664,7 @@ int main (int argc, char *argv[])
int status = -1; int status = -1;
int timeout_counter = 0; int timeout_counter = 0;
while ((status != 0) && (timeout_counter < 30)) { while ((status != 0) && (timeout_counter < 30)) {
status = stat((TQString(TDM_CONTROL_FIFO_FILE).arg(newdisplayint)).ascii(), &buffer); status = stat((TQString(TDM_CONTROL_FIFO_FILE).arg(newdisplayint)).local8Bit(), &buffer);
timeout_counter++; timeout_counter++;
usleep(100000); usleep(100000);
} }
@ -674,8 +674,8 @@ int main (int argc, char *argv[])
// Make sure the control socket is writable // Make sure the control socket is writable
if (writefile(TQString(TDM_CONTROL_FIFO_FILE).arg(newdisplayint), "PING\n") < 0) { if (writefile(TQString(TDM_CONTROL_FIFO_FILE).arg(newdisplayint), "PING\n") < 0) {
// Uh oh, something failed... // Uh oh, something failed...
printf("Unable to write to TDM control socket %s\n", (TQString(TDM_CONTROL_FIFO_FILE).arg(newdisplayint)).ascii()); fflush(stdout); printf("Unable to write to TDM control socket %s\n", (TQString(TDM_CONTROL_FIFO_FILE).arg(newdisplayint)).local8Bit().data()); fflush(stdout);
unlink((TQString(TDM_CONTROL_FIFO_FILE).arg(newdisplayint)).ascii()); unlink((TQString(TDM_CONTROL_FIFO_FILE).arg(newdisplayint)).local8Bit());
writeerror = true; writeerror = true;
} }
} }
@ -698,26 +698,26 @@ int main (int argc, char *argv[])
} }
newdisplay = TQString(":%1").arg(newdisplayint); newdisplay = TQString(":%1").arg(newdisplayint);
printf("[DEBUG 400.f] Logging in on display %s\n", newdisplay.ascii()); fflush(stdout); printf("[DEBUG 400.f] Logging in on display %s\n", newdisplay.local8Bit().data()); fflush(stdout);
// Construct login string // Construct login string
TQString logincommand = TQString("LOGIN\t%1\t%2\n").arg(smartcard_username).arg(smartcard_password); TQString logincommand = TQString("LOGIN\t%1\t%2\n").arg(smartcard_username).arg(smartcard_password);
if (writefile(TQString(TDM_CONTROL_FIFO_FILE).arg(newdisplayint), logincommand) < 0) { if (writefile(TQString(TDM_CONTROL_FIFO_FILE).arg(newdisplayint), logincommand) < 0) {
// Uh oh, something failed... // Uh oh, something failed...
printf("Unable to write to TDM control socket %s\n", (TQString(TDM_CONTROL_FIFO_FILE).arg(newdisplayint)).ascii()); fflush(stdout); printf("Unable to write to TDM control socket %s\n", (TQString(TDM_CONTROL_FIFO_FILE).arg(newdisplayint)).local8Bit().data()); fflush(stdout);
} }
systemexec((TQString(TRINITY_BIN_PREFIX "tdmctl -g activate %1").arg(newdisplay)).ascii()); systemexec(TQString(TRINITY_BIN_PREFIX "tdmctl -g activate %1").arg(newdisplay));
udisplay=newdisplay; udisplay=newdisplay;
} }
if (smartcard_slave == "SLAVE") { if (smartcard_slave == "SLAVE") {
if (smartcard_minutes < 5) { if (smartcard_minutes < 5) {
systemexec((TQString("su %1 -c \"export DISPLAY=%2; zenity --warning --text 'You have less than 5 minutes of computer time remaining' || exit 0\" &").arg(smartcard_username).arg(udisplay)).ascii()); systemexec(TQString("su %1 -c \"export DISPLAY=%2; zenity --warning --text 'You have less than 5 minutes of computer time remaining' || exit 0\" &").arg(smartcard_username).arg(udisplay));
} }
} }
unlink((TQString("%1/password").arg(secure_directory)).ascii()); unlink((TQString("%1/password").arg(secure_directory)).local8Bit());
// if (loginok == 1) { // if (loginok == 1) {
// Wait for SmartCard removal // Wait for SmartCard removal
@ -727,35 +727,35 @@ int main (int argc, char *argv[])
while (output == 0) { while (output == 0) {
sleep(1); sleep(1);
systemexec((TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface quit\"").arg(smartcard_username).arg(udisplay)).ascii()); systemexec(TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface quit\"").arg(smartcard_username).arg(udisplay));
systemexec((TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface enable false\"").arg(smartcard_username).arg(udisplay)).ascii()); systemexec(TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface enable false\"").arg(smartcard_username).arg(udisplay));
output = systemexec("echo \"exit\" | scriptor 2>/dev/null 1>/dev/null"); output = systemexec("echo \"exit\" | scriptor 2>/dev/null 1>/dev/null");
if (smartcard_slave == "SLAVE") { if (smartcard_slave == "SLAVE") {
timer--; timer--;
if (timer == 0) { if (timer == 0) {
// 60 seconds have passed, decrement minutes on card // 60 seconds have passed, decrement minutes on card
smartcard_minutes--; smartcard_minutes--;
systemexec((TQString("echo %1 > /etc/smartmon/minutesremaining").arg(smartcard_minutes)).ascii()); systemexec(TQString("echo %1 > /etc/smartmon/minutesremaining").arg(smartcard_minutes));
chmod("/etc/smartmon/minutesremaining", 755); chmod("/etc/smartmon/minutesremaining", 755);
timer=60; timer=60;
systemexec((TQString("echo %1 > %2/minutes").arg(smartcard_minutes).arg(secure_directory)).ascii()); systemexec(TQString("echo %1 > %2/minutes").arg(smartcard_minutes).arg(secure_directory));
update_file("10 05", TQString("%1/minutes").arg(secure_directory)); update_file("10 05", TQString("%1/minutes").arg(secure_directory));
if (smartcard_minutes == 0) { if (smartcard_minutes == 0) {
printf("[DEBUG 401.0] Minutes have been used up!\n"); fflush(stdout); printf("[DEBUG 401.0] Minutes have been used up!\n"); fflush(stdout);
// Prohibit logon // Prohibit logon
smartcard_username=""; smartcard_username="";
unlink((TQString("%1/password").arg(secure_directory)).ascii()); unlink((TQString("%1/password").arg(secure_directory)).local8Bit());
} }
mkdir("/etc/smartmon", 644); mkdir("/etc/smartmon", 644);
systemexec((TQString("echo %1 > /etc/smartmon/minutesremaining").arg(smartcard_minutes)).ascii()); systemexec(TQString("echo %1 > /etc/smartmon/minutesremaining").arg(smartcard_minutes));
chmod("/etc/smartmon/minutesremaining", 755); chmod("/etc/smartmon/minutesremaining", 755);
if (smartcard_minutes == 5) { if (smartcard_minutes == 5) {
systemexec((TQString("su %1 -c \"export DISPLAY=%2; zenity --warning --text 'You have less than 5 minutes of computer time remaining' || exit 0\" &").arg(smartcard_username).arg(udisplay)).ascii()); systemexec(TQString("su %1 -c \"export DISPLAY=%2; zenity --warning --text 'You have less than 5 minutes of computer time remaining' || exit 0\" &").arg(smartcard_username).arg(udisplay));
} }
if (smartcard_minutes == 0) { if (smartcard_minutes == 0) {
@ -778,7 +778,7 @@ int main (int argc, char *argv[])
noactivesessions=1; noactivesessions=1;
result="okbutempty"; result="okbutempty";
} }
printf("[DEBUG 401.4] %s\n", result.ascii()); fflush(stdout); printf("[DEBUG 401.4] %s\n", result.local8Bit().data()); fflush(stdout);
// Zero the desktop array // Zero the desktop array
index=0; index=0;
@ -808,17 +808,17 @@ int main (int argc, char *argv[])
timeout=0; timeout=0;
blankresult=""; blankresult="";
while (blankresult != "true") { while (blankresult != "true") {
systemexec((TQString(TRINITY_BIN_PREFIX "tdmctl -g activate %1").arg(udisplay)).ascii()); systemexec(TQString(TRINITY_BIN_PREFIX "tdmctl -g activate %1").arg(udisplay));
systemexec((TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface enable true\"").arg(smartcard_username).arg(udisplay)).ascii()); systemexec(TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface enable true\"").arg(smartcard_username).arg(udisplay));
systemexec((TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface lock\"").arg(smartcard_username).arg(udisplay)).ascii()); systemexec(TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface lock\"").arg(smartcard_username).arg(udisplay));
int retcode; int retcode;
blankresult = execret(TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface isBlanked\"").arg(smartcard_username).arg(udisplay).ascii(), &retcode); blankresult = execret(TQString("su %1 -c \"export DISPLAY=%2; " TRINITY_BIN_PREFIX "dcop kdesktop KScreensaverIface isBlanked\"").arg(smartcard_username).arg(udisplay), &retcode);
if (retcode != 0) { if (retcode != 0) {
blankresult="true"; blankresult="true";
} }
blankresult = blankresult.replace('\n', ""); blankresult = blankresult.replace('\n', "");
logouttest = exec((TQString("echo %1 | grep 'target display has no VT assigned'").arg(blankresult)).ascii()); logouttest = exec(TQString("echo %1 | grep 'target display has no VT assigned'").arg(blankresult));
if (logouttest != "") { if (logouttest != "") {
printf("[DEBUG 401.6] User has logged out\n"); fflush(stdout); printf("[DEBUG 401.6] User has logged out\n"); fflush(stdout);
blankresult="true"; blankresult="true";

Write Preview
Loading…
Cancel
Save