diff --git a/tdecert/tdecertpart.cc b/tdecert/tdecertpart.cc index 3c937e9d6..02afc9b75 100644 --- a/tdecert/tdecertpart.cc +++ b/tdecert/tdecertpart.cc @@ -482,7 +482,7 @@ emit completed(); // x-pkcs12 loading ///////////////////////////////////////////////////////////////////////////// if (whatType == "application/x-pkcs12") { - TQCString pass; + TQString pass; _p12 = KSSLPKCS12::loadCertFile(m_file); while (!_p12) { @@ -490,7 +490,7 @@ if (whatType == "application/x-pkcs12") { int rc = KPasswordDialog::getPassword(pass, i18n("Certificate Password")); if (rc != KPasswordDialog::Accepted) break; - _p12 = KSSLPKCS12::loadCertFile(m_file, TQString(pass)); + _p12 = KSSLPKCS12::loadCertFile(m_file, pass); if (!_p12) { rc = KMessageBox::warningContinueCancel(_frame, i18n("The certificate file could not be loaded. Try a different password?"), i18n("Certificate Import"),i18n("Try Different")); diff --git a/tdeio/kssl/ksslpemcallback.cc b/tdeio/kssl/ksslpemcallback.cc index 207949a0c..584020c0f 100644 --- a/tdeio/kssl/ksslpemcallback.cc +++ b/tdeio/kssl/ksslpemcallback.cc @@ -28,26 +28,23 @@ int KSSLPemCallback(char *buf, int size, int rwflag, void *userdata) { #ifdef KSSL_HAVE_SSL - TQCString pass; + TQString pass2; Q_UNUSED(userdata); Q_UNUSED(rwflag); if (!buf) return -1; - int rc = KPasswordDialog::getPassword(pass, i18n("Certificate password")); + int rc = KPasswordDialog::getPassword(pass2, i18n("Certificate password")); if (rc != KPasswordDialog::Accepted) return -1; + TQCString pass = pass2.utf8(); // utf8 length may differ from TQString length const uint passlen = pass.length(); if (passlen > (unsigned int)size-1) pass.truncate((unsigned int)size-1); - tqstrncpy(buf, pass.data(), size-1); - - for (unsigned int i = 0; i < passlen; i++) - pass[i] = 0; - // To be sure that it doesn't optimise the previous loop away - for (unsigned int i = 0; i < passlen; i++) - pass[i] = pass[i]; - buf[size-1] = 0; + tqstrncpy(buf, pass, size-1); + buf[size-1] = 0; + pass.fill(' '); + pass2.fill(' '); return (int)passlen; #else Q_UNUSED(buf); diff --git a/tdeio/misc/tdewalletd/tdewalletd.cpp b/tdeio/misc/tdewalletd/tdewalletd.cpp index 5d73df4e6..97e942c3a 100644 --- a/tdeio/misc/tdewalletd/tdewalletd.cpp +++ b/tdeio/misc/tdewalletd/tdewalletd.cpp @@ -471,13 +471,13 @@ int TDEWalletD::internalOpen(const TQCString& appid, const TQString& wallet, boo kpd->setAllowEmptyPasswords(true); } - const char *p = 0L; + TQCString p; while (!b->isOpen()) { assert(kpd); // kpd can't be null if isOpen() is false setupDialog( kpd, w, appid, modal ); if (kpd->exec() == KDialog::Accepted) { - p = kpd->password(); - int rc = b->open(TQByteArray().duplicate(p, strlen(p))); + p = kpd->password().utf8(); + int rc = b->open(TQByteArray().duplicate(p)); if (!b->isOpen()) { kpd->setPrompt(i18n("Error opening the wallet '%1'. Please try again.
(Error code %2: %3)").arg(TQStyleSheet::escape(wallet)).arg(rc).arg(TDEWallet::Backend::openRCToString(rc))); kpd->clearPassword(); @@ -487,7 +487,7 @@ int TDEWalletD::internalOpen(const TQCString& appid, const TQString& wallet, boo } } - if (!emptyPass && (!p || !b->isOpen())) { + if (!emptyPass && (p.isEmpty() || !b->isOpen())) { delete b; delete kpd; return -1; @@ -662,11 +662,11 @@ void TDEWalletD::doTransactionChangePassword(const TQCString& appid, const TQStr kpd->setAllowEmptyPasswords(true); setupDialog( kpd, wId, appid, false ); if (kpd->exec() == KDialog::Accepted) { - const char *p = kpd->password(); - if (p) { + TQCString p = kpd->password().utf8(); + if (!p.isEmpty()) { _passwords[wallet] = p; TQByteArray pa; - pa.duplicate(p, strlen(p)); + pa.duplicate(p); int rc = w->close(pa); if (rc < 0) { KMessageBox::sorryWId(wId, i18n("Error re-encrypting the wallet. Password was not changed."), i18n("TDE Wallet Service")); diff --git a/tdenewstuff/security.cpp b/tdenewstuff/security.cpp index d161c2969..3bca16166 100644 --- a/tdenewstuff/security.cpp +++ b/tdenewstuff/security.cpp @@ -172,7 +172,7 @@ void Security::slotDataArrived(KProcIO *procIO) case Sign: if (data.find("passphrase.enter") != -1) { - TQCString password; + TQString password; KeyStruct key = m_keys[m_secretKey]; int result = KPasswordDialog::getPassword(password, i18n("Enter passphrase for key 0x%1, belonging to
%2<%3>:
").arg(m_secretKey).arg(key.name).arg(key.mail)); if (result == KPasswordDialog::Accepted) diff --git a/tdersync/tdersync.cpp b/tdersync/tdersync.cpp index df4fe3250..464b3923b 100644 --- a/tdersync/tdersync.cpp +++ b/tdersync/tdersync.cpp @@ -497,13 +497,13 @@ KDE_EXPORT int KRsync::establishConnectionRsync(char *buffer, TDEIO::fileoffset_ myDebug( << "sending mpass" << endl); connectionAuth.prompt = thisFn+buf; connectionAuth.password = TQString(); // don't prefill - TQCString thispass; + TQString thispass; if (KPasswordDialog::getPassword (thispass, i18n("Remote authorization required") + TQString("\n") + i18n("Please input") + TQString(" ") + TQString(buf), NULL) != 1) { shutdownConnection(true, false); return -1; } else { - connectionAuth.password = TQString(thispass); + connectionAuth.password = thispass; } connectionAuth.password += "\n"; myDebug( << "sending pass" << endl); @@ -620,13 +620,13 @@ KDE_EXPORT int KRsync::establishConnectionUnison(char *buffer, TDEIO::fileoffset myDebug( << "sending mpass" << endl); connectionAuth.prompt = thisFn+buf; connectionAuth.password = TQString(); // don't prefill - TQCString thispass; + TQString thispass; if (KPasswordDialog::getPassword (thispass, i18n("Remote authorization required") + TQString("\n") + i18n("Please input") + TQString(" ") + TQString(buf), NULL) != 1) { slotUnisonCancelled(); return -1; } else { - connectionAuth.password = TQString(thispass); + connectionAuth.password = thispass; } connectionAuth.password += "\n"; myDebug( << "sending pass" << endl); diff --git a/tdeui/kpassdlg.cpp b/tdeui/kpassdlg.cpp index 87df72f60..7ada9dc8e 100644 --- a/tdeui/kpassdlg.cpp +++ b/tdeui/kpassdlg.cpp @@ -138,8 +138,8 @@ KPasswordEdit::~KPasswordEdit() { } -const char *KPasswordEdit::password() const { - return text().ascii(); +TQString KPasswordEdit::password() const { + return text(); } void KPasswordEdit::erase() @@ -404,7 +404,7 @@ void KPasswordDialog::erase() void KPasswordDialog::slotOk() { if (m_Type == NewPassword) { - if (strcmp(m_pEdit->password(), m_pEdit2->password())) { + if (m_pEdit->password() != m_pEdit2->password()) { KMessageBox::sorry(this, i18n("You entered two different " "passwords. Please try again.")); erase(); @@ -459,8 +459,7 @@ void KPasswordDialog::slotLayout() } -// static . antlarr: KDE 4: Make it const TQString & prompt -int KPasswordDialog::getPassword(TQCString &password, TQString prompt, +int KPasswordDialog::getPassword(TQString &password, TQString prompt, int *keep) { const bool enableKeep = (keep && *keep); @@ -477,7 +476,7 @@ int KPasswordDialog::getPassword(TQCString &password, TQString prompt, // static . antlarr: KDE 4: Make it const TQString & prompt -int KPasswordDialog::getNewPassword(TQCString &password, TQString prompt) +int KPasswordDialog::getNewPassword(TQString &password, TQString prompt) { KPasswordDialog* const dlg = new KPasswordDialog(NewPassword, prompt); const int ret = dlg->exec(); @@ -502,8 +501,8 @@ void KPasswordDialog::virtual_hook( int id, void* data ) void KPasswordDialog::enableOkBtn() { if (m_Type == NewPassword) { - const bool match = strcmp(m_pEdit->password(), m_pEdit2->password()) == 0 - && (d->allowEmptyPasswords || m_pEdit->password()[0]); + const bool match = (m_pEdit->password() == m_pEdit2->password()) + && (d->allowEmptyPasswords || !m_pEdit->password().isEmpty()); const TQString pass(m_pEdit->password()); @@ -515,7 +514,7 @@ void KPasswordDialog::enableOkBtn() enableButtonOK( match ); } - if ( match && d->allowEmptyPasswords && m_pEdit->password()[0] == 0 ) { + if ( match && d->allowEmptyPasswords && m_pEdit->password().isEmpty() ) { d->m_MatchLabel->setText( i18n("Password is empty") ); } else { if ((int) pass.length() < minPasswordLength) { diff --git a/tdeui/kpassdlg.h b/tdeui/kpassdlg.h index f90a83f08..cd11bfd85 100644 --- a/tdeui/kpassdlg.h +++ b/tdeui/kpassdlg.h @@ -76,10 +76,9 @@ public: ~KPasswordEdit(); /** - * Returns the password. The memory is freed in the destructor - * so you should make a copy. + * Returns the password. */ - const char *password() const; + TQString password() const; /** * Erases the current password. @@ -129,7 +128,7 @@ private: * Usage example\n * * \code - * TQCString password; + * TQString password; * int result = KPasswordDialog::getPassword(password, i18n("Prompt message")); * if (result == KPasswordDialog::Accepted) * use(password); @@ -146,14 +145,6 @@ private: * Core dumps are dangerous because they are an image of the process memory, * and thus include any passwords that were in memory. * - * @li You should delete passwords as soon as they are not needed anymore. - * The functions getPassword() and getNewPassword() return the - * password as a TQCString. I believe this is safer than a TQString. A QString - * stores its characters internally as 16-bit wide values, so conversions are - * needed, both for creating the TQString and by using it. The temporary - * memory used for these conversion is probably not erased. This could lead - * to stray passwords in memory, even if you think you erased all of them. - * * @author Geert Jansen */ @@ -327,10 +318,9 @@ public: int passwordStrengthWarningLevel() const; /** - * Returns the password entered. The memory is freed in the destructor, - * so you should make a copy. + * Returns the password entered. */ - const char *password() const { return m_pEdit->password(); } + TQString password() const { return m_pEdit->password(); } /** * Clears the password input field. You might want to use this after the @@ -356,7 +346,7 @@ public: * is shown and the result is stored in *keep. * @return Result code: Accepted or Rejected. */ - static int getPassword(TQCString &password, TQString prompt, int *keep=0L); + static int getPassword(TQString &password, TQString prompt, int *keep=0L); /** * Pops up the dialog, asks the user for a password and returns it. The @@ -368,7 +358,7 @@ public: * information. The text is word broken to fit nicely in the dialog. * @return Result code: Accepted or Rejected. */ - static int getNewPassword(TQCString &password, TQString prompt); + static int getNewPassword(TQString &password, TQString prompt); /** * Static helper function that disables core dumps. @@ -388,7 +378,7 @@ protected: * checking in derived classes. It should return @p true if the * password is valid, @p false otherwise. */ - virtual bool checkPassword(const char *) { return true; } + virtual bool checkPassword(const TQString&) { return true; } private slots: void enableOkBtn();