Index: /trunk/src/VBox/Additions/linux/lightdm-greeter/vbox-greeter.cpp =================================================================== --- /trunk/src/VBox/Additions/linux/lightdm-greeter/vbox-greeter.cpp (revision 45515) +++ /trunk/src/VBox/Additions/linux/lightdm-greeter/vbox-greeter.cpp (revision 45516) @@ -6,5 +6,5 @@ /* - * Copyright (C) 2012 Oracle Corporation + * Copyright (C) 2012-2013 Oracle Corporation * * This file is part of VirtualBox Open Source Edition (OSE), as @@ -143,8 +143,6 @@ /** The HGCM client ID. */ uint32_t uClientId; - /** The credentials. */ - char *pszUsername; + /** The credential password. */ char *pszPassword; - char *pszDomain; } VBOXGREETERCTX, *PVBOXGREETERCTX; @@ -360,5 +358,7 @@ else { - rc = VbglR3CredentialsRetrieve(&pCtx->pszUsername, &pCtx->pszPassword, &pCtx->pszDomain); + /** @todo Domain handling needed? */ + char *pszUsername; /* User name only is kept local. */ + rc = VbglR3CredentialsRetrieve(&pszUsername, &pCtx->pszPassword, NULL /* pszDomain */); if (RT_FAILURE(rc)) { @@ -368,18 +368,17 @@ { #ifdef DEBUG - vboxGreeterLog("vboxGreeterCheckCreds: credentials retrieved: user=%s, password=%s, domain=%s\n", - pCtx->pszUsername, pCtx->pszPassword, pCtx->pszDomain); + vboxGreeterLog("vboxGreeterCheckCreds: credentials retrieved: user=%s, password=%s\n", + pszUsername, pCtx->pszPassword); #else /* Don't log passwords in release mode! */ - vboxGreeterLog("vboxGreeterCheckCreds: credentials retrieved: user=%s, password=XXX, domain=%s\n", - pCtx->pszUsername, pCtx->pszDomain); -#endif - lightdm_greeter_authenticate(pCtx->pGreeter, pCtx->pszUsername); /* Must be the real user name from host! */ - /** @todo Add handling domains as well. */ - /** @todo Move into context destroy! */ -#if 0 - VbglR3CredentialsDestroy(pszUsername, pszPassword, pszDomain, + vboxGreeterLog("vboxGreeterCheckCreds: credentials retrieved: user=%s, password=XXX\n", + pszUsername); +#endif + /* Trigger LightDM authentication with the user name just retrieved. */ + lightdm_greeter_authenticate(pCtx->pGreeter, pszUsername); /* Must be the real user name from host! */ + + /* Securely wipe the user name again. */ + VbglR3CredentialsDestroy(pszUsername, NULL /* pszPassword */, NULL /* pszDomain */, 3 /* Three wipe passes */); -#endif } } @@ -442,4 +441,5 @@ break; } + /** @todo Other fields? */ default: @@ -447,6 +447,7 @@ } - VbglR3CredentialsDestroy(pCtx->pszUsername, pCtx->pszPassword, pCtx->pszDomain, + VbglR3CredentialsDestroy(NULL /* pszUsername */, pCtx->pszPassword, NULL /* pszDomain */, 3 /* Three wipe passes */); + pCtx->pszPassword = NULL; } @@ -492,14 +493,22 @@ if (lightdm_greeter_get_is_authenticated(pGreeter)) { - lightdm_greeter_start_session_sync(pGreeter, NULL, NULL); - + /** @todo Add non-default session support. */ gchar *pszSession = g_strdup(lightdm_greeter_get_default_session_hint(pGreeter)); if (pszSession) { vboxGreeterLog("starting session: %s\n", pszSession); - if (!lightdm_greeter_start_session_sync(pGreeter, pszSession, NULL)) + GError *pError = NULL; + if (!lightdm_greeter_start_session_sync(pGreeter, pszSession, &pError)) { - vboxGreeterError("unable to start session '%s'\n", pszSession); + vboxGreeterError("unable to start session '%s': %s\n", + pszSession, pError ? pError->message : "Unknown error"); } + else + { + AssertPtr(pszSession); + vboxGreeterLog("session '%s' successfully started\n", pszSession); + } + if (pError) + g_error_free(pError); g_free(pszSession); } @@ -716,60 +725,63 @@ { /* Get optional message. */ + szVal[0] = '\0'; int rc2 = vbox_read_prop(pCtx->uClientId, "/VirtualBox/GuestAdd/PAM/CredsMsgWaitAbort", true /* Read-only on guest */, szVal, sizeof(szVal), NULL /* Timestamp. */); - if (RT_SUCCESS(rc2)) - { + if ( RT_FAILURE(rc2) + && rc2 != VERR_NOT_FOUND) + vboxGreeterError("cb_check_creds: getting wait abort message failed with rc=%Rrc\n", rc2); # ifdef VBOX_WITH_FLTK - /** @todo */ + AssertPtr(pCtx->pLblInfo); + pCtx->pLblInfo->label(szVal); +# else + GtkLabel *pLblInfo = GTK_LABEL(gtk_builder_get_object(pCtx->pBuilder, VBOX_GREETER_UI_LBL_INFO)); + AssertPtr(pLblInfo); + gtk_label_set_text(pLblInfo, szVal); +# endif /* VBOX_WITH_FLTK */ + vboxGreeterLog("cb_check_creds: got notification from host to abort waiting\n"); + } + else + { +#endif /* VBOX_WITH_GUEST_PROPS */ + rc = vboxGreeterCheckCreds(pCtx); + if (RT_SUCCESS(rc)) + { + /* Credentials retrieved. */ + } + else if (rc == VERR_NOT_FOUND) + { + /* No credentials found, but try next round (if there's + * time left for) ... */ + } +#ifdef VBOX_WITH_GUEST_PROPS + } +#endif /* VBOX_WITH_GUEST_PROPS */ + + if (rc == VERR_NOT_FOUND) /* No credential found this round. */ + { + /* Calculate timeout value left after process has been started. */ + uint64_t u64Elapsed = RTTimeMilliTS() - pCtx->uStartMS; + /* Is it time to bail out? */ + if (pCtx->uTimeoutMS < u64Elapsed) + { +#ifdef VBOX_WITH_GUEST_PROPS + szVal[0] = '\0'; + int rc2 = vbox_read_prop(pCtx->uClientId, + "/VirtualBox/GuestAdd/PAM/CredsMsgWaitTimeout", + true /* Read-only on guest */, + szVal, sizeof(szVal), NULL /* Timestamp. */); + if ( RT_FAILURE(rc2) + && rc2 != VERR_NOT_FOUND) + vboxGreeterError("cb_check_creds: getting wait timeout message failed with rc=%Rrc\n", rc2); +# ifdef VBOX_WITH_FLTK + AssertPtr(pCtx->pLblInfo); + pCtx->pLblInfo->label(szVal); # else GtkLabel *pLblInfo = GTK_LABEL(gtk_builder_get_object(pCtx->pBuilder, VBOX_GREETER_UI_LBL_INFO)); AssertPtr(pLblInfo); gtk_label_set_text(pLblInfo, szVal); -# endif /* VBOX_WITH_FLTK */ - } - - vboxGreeterLog("cb_check_creds: got notification from host to abort waiting\n"); - } - else - { -#endif /* VBOX_WITH_GUEST_PROPS */ - rc = vboxGreeterCheckCreds(pCtx); - if (RT_SUCCESS(rc)) - { - /* Credentials retrieved. */ - } - else if (rc == VERR_NOT_FOUND) - { - /* No credentials found, but try next round (if there's - * time left for) ... */ - } -#ifdef VBOX_WITH_GUEST_PROPS - } -#endif /* VBOX_WITH_GUEST_PROPS */ - - if (rc == VERR_NOT_FOUND) /* No credential found this round. */ - { - /* Calculate timeout value left after process has been started. */ - uint64_t u64Elapsed = RTTimeMilliTS() - pCtx->uStartMS; - /* Is it time to bail out? */ - if (pCtx->uTimeoutMS < u64Elapsed) - { -#ifdef VBOX_WITH_GUEST_PROPS - int rc2 = vbox_read_prop(pCtx->uClientId, - "/VirtualBox/GuestAdd/PAM/CredsMsgWaitTimeout", - true /* Read-only on guest */, - szVal, sizeof(szVal), NULL /* Timestamp. */); - if (RT_SUCCESS(rc2)) - { -# ifdef VBOX_WITH_FLTK - /** @todo */ -# else - GtkLabel *pLblInfo = GTK_LABEL(gtk_builder_get_object(pCtx->pBuilder, VBOX_GREETER_UI_LBL_INFO)); - AssertPtr(pLblInfo); - gtk_label_set_text(pLblInfo, szVal); # endif - } #endif /* VBOX_WITH_GUEST_PROPS */ vboxGreeterLog("cb_check_creds: waiting thread has reached timeout (%dms), exiting ...\n",